35 matches found
CVE-2019-20211
The CTHthemes CityBook before 2.3.4, TownHub before 1.0.6, and EasyBook before 1.2.2 themes for WordPress allow Persistent XSS via Listing Address, Listing Latitude, Listing Longitude, Email Address, Description, Name, Job or Position, Description, Service Name, Address, Latitude, Longitude, Phon...
EUVD-2019-10763
Malware in sbrugna...
EUVD-2019-10766
Malware in sbrugna...
EUVD-2019-10765
Malware in sbrugna...
EUVD-2019-10764
Malware in sbrugna...
TownHub < 1.3.0 - Unauthenticated Reflected XSS
Unauthenticated Reflected XSS vulnerability was discovered in the «TownHub - Directory & Listing WordPress Theme», tested version — v1.2.9. Edit WPScanTeam June 17th, 2020 - Confirmed & Escalated to Envato June 18th, 2020 - v1.3.0 released, fixing the issue PoC...
WordPress TownHub premium theme <= 1.2.9 - Unauthenticated Reflected Cross-Site Scripting (XSS) vulnerability
Unauthenticated Reflected Cross-Site Scripting XSS vulnerability discovered by m0ze VLΛD VΞCTOR in WordPress TownHub premium theme versions = 1.2.9. Solution Update the WordPress TownHub premium theme to the latest available version at least 1.3.0...
TownHub < 1.3.0 - Unauthenticated Reflected XSS
Unauthenticated Reflected XSS vulnerability was discovered in the «TownHub - Directory & Listing WordPress Theme», tested version — v1.2.9. Edit WPScanTeam June 17th, 2020 - Confirmed & Escalated to Envato June 18th, 2020 - v1.3.0 released, fixing the issue...
WordPress CTHthemes CityBook, TownHub and EasyBook Cross-Site Scripting Vulnerabilities (CNVD-2020-16668)
WordPress is a set of blogging platforms developed using the PHP language by the WordPress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in WordPress CTHthemes CityBook versions prior to 2.3.4, TownHub...
WordPress CTHthemes CityBook, TownHub and EasyBook Cross-Site Scripting Vulnerabilities (CNVD-2020-16659)
WordPress is a set of blogging platforms developed using the PHP language by the WordPress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in WordPress CTHthemes CityBook versions prior to 2.3.4, TownHub...
WordPress CTHthemes Unspecified Vulnerability in CityBook, TownHub and EasyBook
WordPress is a set of blogging platforms developed using the PHP language by the WordPress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A security vulnerability exists in WordPress CTHthemes CityBook versions prior to 2.3.4, TownHub versions prio...
WordPress CTHthemes CityBook, TownHub and EasyBook Cross-Site Scripting Vulnerabilities
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.Ultimate Member plugin is one of the plugins used to create member sites or online communities. A cross-site scripting vulnerability...
CVE-2019-20210
The CTHthemes CityBook before 2.3.4, TownHub before 1.0.6, and EasyBook before 1.2.2 themes for WordPress allow Reflected XSS via a search query...
CVE-2019-20211
The CTHthemes CityBook before 2.3.4, TownHub before 1.0.6, and EasyBook before 1.2.2 themes for WordPress allow Persistent XSS via Listing Address, Listing Latitude, Listing Longitude, Email Address, Description, Name, Job or Position, Description, Service Name, Address, Latitude, Longitude, Phon...
CVE-2019-20211
The CTHthemes CityBook before 2.3.4, TownHub before 1.0.6, and EasyBook before 1.2.2 themes for WordPress allow Persistent XSS via Listing Address, Listing Latitude, Listing Longitude, Email Address, Description, Name, Job or Position, Description, Service Name, Address, Latitude, Longitude, Phon...
CVE-2019-20212
The CTHthemes CityBook before 2.3.4, TownHub before 1.0.6, and EasyBook before 1.2.2 themes for WordPress allow Persistent XSS via the chat widget/page message form...
CVE-2019-20212
The CTHthemes CityBook before 2.3.4, TownHub before 1.0.6, and EasyBook before 1.2.2 themes for WordPress allow Persistent XSS via the chat widget/page message form...
CVE-2019-20210
The CTHthemes CityBook before 2.3.4, TownHub before 1.0.6, and EasyBook before 1.2.2 themes for WordPress allow Reflected XSS via a search query...
CVE-2019-20209
The CTHthemes CityBook before 2.3.4, TownHub before 1.0.6, and EasyBook before 1.2.2 themes for WordPress allow nsecure Direct Object Reference IDOR via wp-admin/admin-ajax.php to delete any page/post/listing...
CVE-2019-20209
The CTHthemes CityBook before 2.3.4, TownHub before 1.0.6, and EasyBook before 1.2.2 themes for WordPress allow nsecure Direct Object Reference IDOR via wp-admin/admin-ajax.php to delete any page/post/listing...