EUVD-2024-25143

Malicious code in bioql PyPI...

Kirby 安全漏洞

Kirby is a file-based content management system CMS. A security vulnerability exists in Kirby versions 3.5.8.2 and earlier, 3.6.0 through 3.6.6.2, 3.7.0 through 3.7.5.1, 3.8.0 through 3.8.4, and 3.9.0 through 3.9.5, which stems from a vulnerability that allows an external visitor to update Kirby...

WordPress Ninja Forms Plugin < 3.5.8.2 XSS Vulnerability

The WordPress plugin Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it...

NinjaForms < 3.5.8.2 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitise and escape the custom class name of the form field created, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed. With the Form Builder "Dev Mode” setting enabled, create a form and a fiel...

Recently Patched Vulnerabilities in Ninja Forms Plugin Affect Over 1 Million Site Owners

On August 3, 2021 the Wordfence Threat Intelligence team initiated the responsible disclosure process for two vulnerabilities that were discovered in Ninja Forms, a WordPress plugin installed on over 1,000,000 sites. These flaws made it possible for an attacker to export sensitive information and...

[ MDVSA-2013:203 ] phpmyadmin

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2013:203 http://www.mandriva.com/en/support/security/ Package : phpmyadmin Date : July 30, 2013 Affected: Business Server 1.0, Enterprise Server 5.0 Problem Description: Multiple vulnerabilities has been discover...