5 matches found
EUVD-2022-4955
Malicious code in bioql PyPI...
PT-2025-24570 · Cyberdata · Cyberdata 011209 Intercom
Name of the Vulnerable Software and Affected Versions: CyberData 011209 Intercom affected versions not specified Description: The issue allows an unauthenticated user to access the Web Interface through an alternate path. Recommendations: At the moment, there is no information about a newer versi...
CVE-2024-6843
The Chatbot with ChatGPT WordPress plugin before 2.4.5 does not sanitise and escape user inputs, which could allow unauthenticated users to perform Stored Cross-Site Scripting attacks against admins...
CVE-2022-4383
The CBX Petition for WordPress plugin through 1.0.3 does not properly sanitize and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection...
CVE-2017-14957
Stored XSS vulnerability via a comment in inc/conv.php in BlogoText before 3.7.6 allows an unauthenticated attacker to inject JavaScript. If the victim is an administrator, an attacker can for example change global settings or create/delete posts. It is also possible to execute JavaScript against...