2 matches found
CVE-2024-8803 Bulk NoIndex & NoFollow Toolkit <= 2.15 - Reflected Cross-Site Scripting
The Bulk NoIndex & NoFollow Toolkit plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of removequeryarg without appropriate escaping on the URL in all versions up to, and including, 2.15. This makes it possible for unauthenticated attackers to inject arbitrary we...
IBM Sterling B2B Integrator Clickjacking Vulnerability
IBM Sterling B2B Integrator is a suite of software that integrates essential B2B processes, transactions and relationships. IBM Sterling B2B Integrator suffers from a security vulnerability that allows a remote attacker to hijack a user's click-to-action by sending a specially crafted HTTP reques...