14 matches found
EUVD-2024-28171
Malicious code in bioql PyPI...
CVE-2024-31942
Cross-Site Request Forgery (CSRF) vulnerability in typps Calendarista Basic Edition calendarista-basic-edition. This issue affects Calendarista Basic Edition: from n/a through <= 3.0.2...
CVE-2024-30534
Missing Authorization vulnerability in typps Calendarista Basic Edition calendarista-basic-edition. This issue affects Calendarista Basic Edition: from n/a through <= 3.0.5...
CVE-2024-30240
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Typps Calendarista. This issue affects Calendarista: from n/a through 15.5.7...
PT-2024-23463 · Typps · Typps Calendarista Basic Edition
Name of the Vulnerable Software and Affected Versions: typps Calendarista Basic Edition versions 3.0.5 and earlier Description: The issue is related to a Missing Authorization vulnerability. This vulnerability affects typps Calendarista Basic Edition. Recommendations: For versions 3.0.5 and...
CVE-2024-31942
Cross-Site Request Forgery (CSRF) vulnerability in typps Calendarista Basic Edition calendarista-basic-edition. This issue affects Calendarista Basic Edition: from n/a through <= 3.0.2...
CVE-2024-31942
Calendarista Basic Edition (WordPress) is affected by a Cross-Site Request Forgery (CSRF) vulnerability for Calendarista Booking actions in versions up to 3.0.2. The issue is confirmed as fixed (Patched) in a newer release; upgrade to a patched version when available. If upgrading is not possible...
PT-2024-24307 · Typps · Typps Calendarista Basic Edition
Name of the Vulnerable Software and Affected Versions: Typps Calendarista Basic Edition versions 3.0.2 and earlier Description: A Cross-Site Request Forgery CSRF issue affects the software, allowing unauthorized actions to be performed on behalf of a user without their knowledge. Recommendations:...
WordPress Calendarista Basic Edition Plugin <= 3.0.2 is vulnerable to Cross Site Request Forgery (CSRF)
Software: Calendarista Basic Edition; Type: Plugin; Vulnerable versions: <= 3.0.2; Fixed in: 3.0.3; OWASP Top 10: A1: Broken Access Control; Classification: Cross Site Request Forgery (CSRF); CVE: CVE-2024-31942; Patch priority: Low; CVSS severity: Low 4.3; Developer: Typps; PSID: 10bef6a4f8ae; Credits: Dhabaleshwar Das...
CVE-2024-30240
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Typps Calendarista. This issue affects Calendarista: from n/a through 15.5.7...
CVE-2024-30240
The CVE-2024-30240 entry concerns the WordPress Calendarista plugin (versions up to 15.5.7). Root cause: improper neutralization of special elements in SQL commands leading to an SQL Injection vulnerability. Affects authenticated users with subscriber-level access and above; exploitation could al...
CVE-2024-27993
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in typps Calendarista Basic Edition calendarista-basic-edition. This issue affects Calendarista Basic Edition: from n/a through <= 3.0.2...
CVE-2024-27993
The CVE-2024-27993 entry describes an Improper Neutralization of Input During Web Page Generation (XSS) vulnerability in Typps Calendarista Basic Edition, affecting Calendarista Basic Edition versions up to 3.0.2. The provided data lists a CVSS v3.1 base score of 7.1 (HIGH) with Network attack ve...
WordPress Calendarista Basic Edition Plugin <= 3.0.2 is vulnerable to Cross Site Scripting (XSS)
Software: Calendarista Basic Edition; Type: Plugin; Vulnerable versions: <= 3.0.2; Fixed in: 3.0.3; OWASP Top 10: A3: Injection; Classification: Cross Site Scripting (XSS); CVE: CVE-2024-27993; Patch priority: Medium; CVSS severity: Medium 7.1; Developer: Typps; PSID: fee56b010abe; Credits: Mochamad Sofyan; Required...