7 matches found
WordPress Uptodown APK Download Widget plugin <= 0.1.10 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by zaim in WordPress Plugin Uptodown APK Download Widget versions = 0.1.10...
EUVD-2024-50869
Malicious code in bioql PyPI...
CVE-2024-12453
The Uptodown APK Download Widget plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'utd-widget' shortcode in all versions up to, and including, 0.1.10 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible fo...
CVE-2024-12453
The Uptodown APK Download Widget plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'utd-widget' shortcode in all versions up to, and including, 0.1.10 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible fo...
CVE-2024-12453
CVE-2024-12453 affects the Uptodown APK Download Widget for WordPress. It is a Stored Cross-Site Scripting vulnerability in the utd-widget shortcode due to insufficient input sanitization and output escaping on user-supplied attributes. Affected versions are all up to 0.1.2. Exploitation requires...
CVE-2024-12453 Uptodown APK Download Widget <= 0.1.10 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Uptodown APK Download Widget plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'utd-widget' shortcode in all versions up to, and including, 0.1.10 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible fo...
CVE-2024-12453 Uptodown APK Download Widget <= 0.1.10 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Uptodown APK Download Widget plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'utd-widget' shortcode in all versions up to, and including, 0.1.10 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible fo...