8 matches found
EUVD-2023-52770
Malicious code in bioql PyPI...
CVE-2023-48737
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PT Trijaya Digital Grup TriPay Payment Gateway allows Stored XSS.This issue affects TriPay Payment Gateway: from n/a through 3.2.7...
Cross site scripting
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PT Trijaya Digital Grup TriPay Payment Gateway allows Stored XSS.This issue affects TriPay Payment Gateway: from n/a through 3.2.7...
CVE-2023-48737 WordPress TriPay Payment Gateway Plugin <= 3.2.7 is vulnerable to Cross Site Scripting (XSS)
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PT Trijaya Digital Grup TriPay Payment Gateway allows Stored XSS.This issue affects TriPay Payment Gateway: from n/a through 3.2.7...
CVE-2023-48737 WordPress TriPay Payment Gateway Plugin <= 3.2.7 is vulnerable to Cross Site Scripting (XSS)
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PT Trijaya Digital Grup TriPay Payment Gateway allows Stored XSS.This issue affects TriPay Payment Gateway: from n/a through 3.2.7...
CVE-2023-48737
CVE-2023-48737 refers to a Cross-Site Scripting (XSS) vulnerability in the TriPay Payment Gateway WordPress plugin. Affected: TriPay Payment Gateway versions up to and including 3.2.7. Root cause: improper neutralization of input during web page generation leading to stored XSS. Impact per source...
TriPay Payment Gateway < 3.2.8 - Admin+ Stored XSS
Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
WordPress TriPay Payment Gateway Plugin <= 3.2.7 is vulnerable to Cross Site Scripting (XSS)
Software TriPay Payment Gateway Type Plugin Vulnerable versions = 3.2.7 Fixed in 3.2.8 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-48737 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID df8ba766f270 Credits Luqman Hakim Y Required privile...