7 matches found
PT-2025-45561
Name of the Vulnerable Software and Affected Versions: Mail Mint plugin for WordPress versions prior to 1.18.11. Description: The Mail Mint plugin for WordPress is susceptible to arbitrary file uploads because of a lack of file type validation within the process contact attribute import function. Th...
EUVD-2023-44783
Malicious code in bioql PyPI...
CVE-2023-37874
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Dimitar Ivanov HTTP Headers plugin = 1.18.11 versions...
CVE-2023-40183
DataEase is an open source data visualization and analysis tool. Prior to version 1.18.11, DataEase has a vulnerability that allows an attacker to obtain user cookies. The program only uses the ImageIO.read method to determine whether the file is an image file or not. There is no whitelisting...
Code injection
DataEase is an open source data visualization and analysis tool. Prior to version 1.18.11, DataEase has a vulnerability that allows an attacker to obtain user cookies. The program only uses the ImageIO.read method to determine whether the file is an image file or not. There is no whitelisting...
DataEase Code Issues Vulnerabilities
DataEase is an open source data visualization and analysis tool. It is used to help users quickly analyze data and gain insight into business trends to achieve business improvement and optimization. A code issue vulnerability exists in DataEase versions prior to 1.18.11. The vulnerability stems...
CVE-2023-37874
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Dimitar Ivanov HTTP Headers plugin = 1.18.11 versions...