19 matches found
EUVD-2024-45108
Malicious code in bioql PyPI...
EUVD-2024-49774
Malicious code in bioql PyPI...
CVE-2024-9177
The Themedy Toolbox plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's themedycol, themedysociallink, themedyalertbox, and themedypullleft shortcodes in all versions up to, and including, 1.0.14, and up to, and including 1.0.15 for the plugin's themedybutton...
CVE-2024-50547
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Mark Hodder Themedy Toolbox themedy-toolbox allows DOM-Based XSS.This issue affects Themedy Toolbox: from n/a through = 1.0.16...
CVE-2024-50547
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Mark Hodder Themedy Toolbox themedy-toolbox allows DOM-Based XSS.This issue affects Themedy Toolbox: from n/a through = 1.0.16...
CVE-2024-50547
CVE-2024-50547 is a Cross-Site Scripting (XSS) vulnerability in the WordPress plugin Themedy Toolbox (versions up to and including 1.0.16). The issue arises from improper neutralization of input during web page generation, described as a DOM-based XSS in some sources and as an input handling weak...
CVE-2024-50547 WordPress Themedy Toolbox plugin <= 1.0.16 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Mark Hodder Themedy Toolbox themedy-toolbox allows DOM-Based XSS.This issue affects Themedy Toolbox: from n/a through = 1.0.16...
CVE-2024-50547 WordPress Themedy Toolbox plugin <= 1.0.16 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Mark Hodder Themedy Toolbox themedy-toolbox allows DOM-Based XSS.This issue affects Themedy Toolbox: from n/a through = 1.0.16...
WordPress plugin Themedy Toolbox 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
WordPress Themedy Toolbox plugin <= 1.0.16 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by theviper17 Patchstack Alliance in WordPress Plugin Themedy Toolbox versions = 1.0.16...
WordPress Themedy Toolbox Plugin <= 1.0.16 is vulnerable to Cross Site Scripting (XSS)
Software Themedy Toolbox Type Plugin Vulnerable versions = 1.0.16 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-50547 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 016e04512162 Credits theviper17 Required privilege Contribut...
CVE-2024-9177
The Themedy Toolbox plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's themedycol, themedysociallink, themedyalertbox, and themedypullleft shortcodes in all versions up to, and including, 1.0.14, and up to, and including 1.0.15 for the plugin's themedybutton...
CVE-2024-9177
The Themedy Toolbox plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's themedycol, themedysociallink, themedyalertbox, and themedypullleft shortcodes in all versions up to, and including, 1.0.14, and up to, and including 1.0.15 for the plugin's themedybutton...
CVE-2024-9177
CVE-2024-9177 concerns Themedy Toolbox for WordPress. The vulnerability is Stored Cross-Site Scripting (XSS) via multiple shortcodes (themedy_col, themedy_social_link, themedy_alertbox, themedy_pullleft; and themedy_button for versions ≤ 1.0.15) caused by insufficient input sanitization and outpu...
CVE-2024-9177 Themedy Toolbox <= 1.0.15 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Shortcodes
The Themedy Toolbox plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's themedycol, themedysociallink, themedyalertbox, and themedypullleft shortcodes in all versions up to, and including, 1.0.14, and up to, and including 1.0.15 for the plugin's themedybutton...
CVE-2024-9177 Themedy Toolbox <= 1.0.15 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Shortcodes
The Themedy Toolbox plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's themedycol, themedysociallink, themedyalertbox, and themedypullleft shortcodes in all versions up to, and including, 1.0.14, and up to, and including 1.0.15 for the plugin's themedybutton...
WordPress Themedy Toolbox plugin <= 1.0.15 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Shortcodes vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via Multiple Shortcodes vulnerability discovered by Francesco Carlucci in WordPress Plugin Themedy Toolbox versions = 1.0.15...
WordPress plugin Themedy Toolbox 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
WordPress Themedy Toolbox Plugin <= 1.0.15 is vulnerable to Cross Site Scripting (XSS)
Software Themedy Toolbox Type Plugin Vulnerable versions = 1.0.15 Fixed in 1.0.16 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-9177 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 23274631c438 Credits Francesco Carlucci...