378 matches found
toggle-array vulnerable to prototype pollution
toggle-array is a package designed to enables a property on the object at the specified index, while disabling the property on all other objects. A Prototype Pollution vulnerability in the enable and disable function of toggle-array v1.0.1 and before allows attackers to inject properties on...
CVE-2025-57328
toggle-array is a package designed to enables a property on the object at the specified index, while disabling the property on all other objects. A Prototype Pollution vulnerability in the enable and disable function of toggle-array v1.0.1 and before allows attackers to inject properties on...
CVE-2025-57328
toggle-array is a package designed to enables a property on the object at the specified index, while disabling the property on all other objects. A Prototype Pollution vulnerability in the enable and disable function of toggle-array v1.0.1 and before allows attackers to inject properties on...
CVE-2025-57328
toggle-array is a package designed to enables a property on the object at the specified index, while disabling the property on all other objects. A Prototype Pollution vulnerability in the enable and disable function of toggle-array v1.0.1 and before allows attackers to inject properties on...
CVE-2025-57328
toggle-array is a package designed to enables a property on the object at the specified index, while disabling the property on all other objects. A Prototype Pollution vulnerability in the enable and disable function of toggle-array v1.0.1 and before allows attackers to inject properties on...
toggle-array 安全漏洞
toggle-array is a js library by the individual developer Jon Schlinkert. A security vulnerability exists in toggle-array 1.0.1 and earlier versions, which stems from prototype contamination in the enable and disable functions, which could lead to a denial of service attack...
CVE-2025-57328
CVE-2025-57328 — toggle-array prototype pollution is a vulnerability in the toggle-array package (v1.0.1 and earlier) where the enable and disable functions can inject properties onto Object.prototype, enabling prototype pollution and causing denial of service. Affected: toggle-array; vulnerabili...
CVE-2025-9634
The Plugin updates blocker plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.2. This is due to missing or incorrect nonce validation on the pubsave action handler. This makes it possible for unauthenticated attackers to disable or enable plug...
CVE-2025-9634
CVE-2025-9634 concerns the WordPress plugin “Plugin updates blocker” (versions up to and including 0.2). The flaw is a CSRF vulnerability caused by missing or incorrect nonce validation on the pub_save action, enabling unauthenticated attackers to toggle plugin updates (disable/enable) by luring ...
CVE-2025-58871
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Luis Rock Master Paper Collapse Toggle master-paper-collapse-toggle allows Stored XSS.This issue affects Master Paper Collapse Toggle: from n/a through = 1.1...
CVE-2025-32345
In updateState of ContentProtectionTogglePreferenceController.java, there is a possible way for a secondary user to disable the primary user's deceptive app scanning setting due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges...
CVE-2025-58871
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Luis Rock Master Paper Collapse Toggle master-paper-collapse-toggle allows Stored XSS.This issue affects Master Paper Collapse Toggle: from n/a through = 1.1...
CVE-2025-58871
CVE-2025-58871 affects the WordPress plugin Master Paper Collapse Toggle (versions
CVE-2025-58871 WordPress Master Paper Collapse Toggle Plugin <= 1.1 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Luis Rock Master Paper Collapse Toggle master-paper-collapse-toggle allows Stored XSS.This issue affects Master Paper Collapse Toggle: from n/a through = 1.1...
WordPress Master Paper Collapse Toggle Plugin <= 1.1 - Cross Site Scripting (XSS) Vulnerability
Cross Site Scripting XSS Vulnerability discovered by Mika in WordPress Plugin Master Paper Collapse Toggle versions = 1.1...
PT-2025-36210
Name of the Vulnerable Software and Affected Versions: Luis Rock Master Paper Collapse Toggle versions through 1.1 Description: The software contains an Improper Neutralization of Input During Web Page Generation issue, which allows for Stored Cross-site Scripting XSS. Recommendations: Update to ...
WordPress plugin Master Paper Collapse Toggle 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...
CVE-2025-32345
In updateState of ContentProtectionTogglePreferenceController.java, there is a possible way for a secondary user to disable the primary user's deceptive app scanning setting due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges...
CVE-2025-32345
In updateState of ContentProtectionTogglePreferenceController.java, there is a possible way for a secondary user to disable the primary user's deceptive app scanning setting due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges...
CVE-2025-26435
In updateState of ContentProtectionTogglePreferenceController.java, there is a possible way for a secondary user to disable the primary user's deceptive app scanning setting due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges...