13 matches found
EUVD-2020-28623
Malware in sbrugna...
CVE-2025-8399
The Mmm Unity Loader plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘attributes’ parameter in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level...
CVE-2025-8399
CVE-2025-8399 affects the WordPress plugin “MMM Unity Loader” up to version 1.0 and enables stored XSS via the attributes parameter. Exploitation requires authenticated access at Contributor level or higher, enabling script injection on pages visited by users. Various connected sources corroborat...
CVE-2025-8399 Mmm Unity Loader <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via attributes Parameter
The Mmm Unity Loader plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘attributes’ parameter in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level...
CVE-2025-8399 Mmm Unity Loader <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via attributes Parameter
The Mmm Unity Loader plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘attributes’ parameter in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level...
PT-2025-31731 · WordPress · Mmm Unity Loader
Name of the Vulnerable Software and Affected Versions: Mmm Unity Loader plugin for WordPress versions prior to 1.0 Description: The Mmm Unity Loader plugin for WordPress is susceptible to Stored Cross-Site Scripting via the attributes parameter due to insufficient input sanitization and output...
WordPress plugin Mmm Unity Loader 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
CVE-2020-7498
A CWE-798: Use of Hard-coded Credentials vulnerability exists in the Unity Loader and OS Loader Software all versions. The fixed credentials are used to simplify file transfer. Today the use of fixed credentials is considered a vulnerability, which could cause unauthorized access to the file...
Schneider Electric Unity Loader and OS Loader Software Trust Management Issues Vulnerability
Schneider Electric Unity Loader and OS Loader Software are both products of Schneider Electric, France.Unity Loader is a data exchange utility program.OS Loader Software is a system loading utility program. A trust management issue vulnerability exists in Schneider Electric Unity Loader and OS...
CVE-2020-7498
A CWE-798: Use of Hard-coded Credentials vulnerability exists in the Unity Loader and OS Loader Software all versions. The fixed credentials are used to simplify file transfer. Today the use of fixed credentials is considered a vulnerability, which could cause unauthorized access to the file...
Hardcoded credentials
A CWE-798: Use of Hard-coded Credentials vulnerability exists in the Unity Loader and OS Loader Software all versions. The fixed credentials are used to simplify file transfer. Today the use of fixed credentials is considered a vulnerability, which could cause unauthorized access to the file...
CVE-2020-7498
The CVE-2020-7498 entry concerns Schneider Electric Unity Loader and OS Loader Software (all versions) with a CWE-798 issue: the use of hard-coded credentials to simplify file transfers. This root cause means an attacker could potentially gain unauthorized access to the file transfer service used...
CVE-2020-7498
A CWE-798: Use of Hard-coded Credentials vulnerability exists in the Unity Loader and OS Loader Software all versions. The fixed credentials are used to simplify file transfer. Today the use of fixed credentials is considered a vulnerability, which could cause unauthorized access to the file...