EUVD-2023-50052

Malicious code in bioql PyPI...

EUVD-2024-37072

Malicious code in bioql PyPI...

CVE-2024-32552

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Tagbox Taggbox allows Stored XSS.This issue affects Taggbox: from n/a through 3.2...

CVE-2024-38754

Cross-Site Request Forgery CSRF vulnerability in Taggbox Taggbox taggbox-widget allows Cross Site Request Forgery.This issue affects Taggbox: from n/a through = 3.3...

CVE-2023-45763

Cross-Site Request Forgery CSRF vulnerability in Taggbox plugin = 2.9 versions...

CVE-2023-33215

Missing Authorization vulnerability in Taggbox Taggbox taggbox-widget allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Taggbox: from n/a through = 3.3...

CVE-2024-38754

Cross-Site Request Forgery CSRF vulnerability in Taggbox Taggbox taggbox-widget allows Cross Site Request Forgery.This issue affects Taggbox: from n/a through = 3.3...

CVE-2024-38754

CVE-2024-38754 describes a Cross-Site Request Forgery (CSRF) vulnerability in the WordPress plugin Taggbox Taggbox (Tagbox Widget), affecting Taggbox versions up to 3.3. The issued CVE notes a CSRF flaw without detailing exploitation steps or specific affected actions beyond the CSRF label. The C...

WordPress plugin Taggbox 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request...

CVE-2023-33215

Missing Authorization vulnerability in Taggbox Taggbox taggbox-widget allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Taggbox: from n/a through = 3.3...

CVE-2023-33215 WordPress Taggbox plugin <= 3.3 - Broken Access Control vulnerability

Missing Authorization vulnerability in Taggbox Taggbox taggbox-widget allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Taggbox: from n/a through = 3.3...

CVE-2023-33215 WordPress Taggbox plugin <= 3.3 - Broken Access Control vulnerability

Missing Authorization vulnerability in Taggbox Taggbox taggbox-widget allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Taggbox: from n/a through = 3.3...

PT-2024-12423 · Taggbox · Taggbox

Name of the Vulnerable Software and Affected Versions: Taggbox versions prior to 3.3 Description: The issue is related to a Missing Authorization vulnerability in Taggbox, allowing exploitation of incorrectly configured access control security levels. Recommendations: For versions prior to 3.3,...

WordPress plugin Taggbox 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

WordPress Taggbox Plugin <= 3.3 is vulnerable to Cross Site Request Forgery (CSRF)

Software Taggbox Type Plugin Vulnerable versions = 3.3 Fixed in 3.4 OWASP Top 10 A4: Insecure Design Classification Cross Site Request Forgery CSRF CVE CVE-2024-38754 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 4e6bfed63b1b Credits Majed Refaea Required privilege...

CVE-2024-32552

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Tagbox Taggbox allows Stored XSS.This issue affects Taggbox: from n/a through 3.2...

CVE-2024-32552

CVE-2024-32552 affects the WordPress plugin Tagbox Taggbox (Tagbox – UGC Galleries, Social Media Widgets, User Reviews & Analytics). The issue is an improperly neutralized input during web page generation that yields a Stored XSS condition. According to the entry, affected versions are up to and ...

PT-2024-24673 · Taggbox · Taggbox

Name of the Vulnerable Software and Affected Versions: Taggbox versions n/a through 3.2 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting. This allows for Stored XSS in Taggbox. Recommendations: For versions n/a...

WordPress Taggbox Plugin <= 3.2 is vulnerable to Cross Site Scripting (XSS)

Software Taggbox Type Plugin Vulnerable versions = 3.2 Fixed in 3.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-32552 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID e3c9be5e7816 Credits LVT-tholv2k Required privilege Contributor Publish...

Taggbox < 3.2 - Unauthenticated PHP Object Injection

Description The Tagbox – UGC Galleries, Social Media Widgets, User Reviews & Analytics plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.1 via deserialization of untrusted input. This makes it possible for unauthenticated attackers to inject a PHP...