3 matches found
EUVD-2026-43130
The Motors – Car Dealership & Classified Listings Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Comment Content and User Biographical Info in all versions up to, and including, 1.4.112 due to insufficient input sanitization and output escaping. This makes it possibl...
CVE-2022-21678 User's bio visible even if profile is restricted in Discourse
Discourse is an open source discussion platform. Prior to version 2.8.0.beta11 in the tests-passed branch, version 2.8.0.beta11 in the beta branch, and version 2.7.13 in the stable branch, the bios of users who made their profiles private were still visible in the tags on their users' pages. The...
PT-2022-15030 · Discourse · Discourse
Name of the Vulnerable Software and Affected Versions: Discourse versions prior to 2.8.0.beta11 in the tests-passed branch Discourse versions prior to 2.8.0.beta11 in the beta branch Discourse versions prior to 2.7.13 in the stable branch Description: The bios of users who made their profiles...