CVE-2023-6444

Seriously Simple Podcasting WordPress plugin versions prior to 3.0.0 disclose the Podcast owner's email via an unauthenticated crafted request. Impact: unauthorized disclosure of administrator email addresses; remediation: upgrade to version 3.0.0 or later.

pyLoad js2py Python Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'rex/stopwatch' class MetasploitModule 'pyLoad js2py Python Execution', 'Description' = %q pyLoad versions prior to 0.5.0b3.dev31 are vulnerable to Python code...

CVE-2022-38207 Reflected XSS vulnerability in Portal for ArcGIS (10.8.1 and 10.7.1 only)

There is a reflected XSS vulnerability in Esri Portal for ArcGIS versions 10.8.1 and 10.7.1 which may allow a remote remote, unauthenticated attacker to create a crafted link which when clicked which could execute arbitrary JavaScript code in the victim’s browser...

CVE-2020-13913

An XSS issue in emfd in Ruckus Wireless Unleashed through 200.7.10.102.92 allows a remote attacker to execute JavaScript code via an unauthenticated crafted HTTP request. This affects C110, E510, H320, H510, M510, R320, R310, R500, R510 R600, R610, R710, R720, R750, T300, T301n, T301s, T310c,...