18 matches found
EUVD-2024-30565
Malicious code in bioql PyPI...
CVE-2024-32779
Missing Authorization vulnerability in Avirtum Vision Interactive.This issue affects Vision Interactive: from n/a through 1.7.1...
CVE-2024-32779
Missing Authorization vulnerability in Avirtum Vision Interactive.This issue affects Vision Interactive: from n/a through 1.7.1...
CVE-2024-32779 WordPress Vision – Image Map Builder plugin <= 1.7.1 - Broken Access Control vulnerability
Missing Authorization vulnerability in Avirtum Vision Interactive.This issue affects Vision Interactive: from n/a through 1.7.1...
CVE-2024-32779 WordPress Vision – Image Map Builder plugin <= 1.7.1 - Broken Access Control vulnerability
Missing Authorization vulnerability in Avirtum Vision Interactive.This issue affects Vision Interactive: from n/a through 1.7.1...
CVE-2024-32779
Technical details (affected product/version, root cause, exploit information, remediation) are not publicly provided in the supplied documents. The CVE-2024-32779 entry notes a Missing Authorization issue in Vision Interactive up to 1.7.1, but no technical specifics or fixes are included here; mo...
WordPress plugin Vision Interactive security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
WordPress Vision Interactive Plugin <= 1.7.1 is vulnerable to Broken Access Control
Software Vision Interactive Type Plugin Vulnerable versions = 1.7.1 Fixed in 1.7.2 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-32779 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID ed5556ff45af Credits Steven Julian Required...
CVE-2022-4391
The Vision Interactive For WordPress plugin through 1.5.3 does not sanitise and escape some of its settings, which could allow users such as contributor+ to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...
Cross site scripting
The Vision Interactive For WordPress plugin through 1.5.3 does not sanitise and escape some of its settings, which could allow users such as contributor+ to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...
CVE-2022-4391
The Vision Interactive For WordPress plugin (versions ≤ 1.5.3) contains a Stored XSS risk due to inadequate sanitization/escaping of some settings, allowing low-privilege users (e.g., Contributor+) to inject scripts even when unfiltered_html is disallowed. The issue is documented across multiple ...
CVE-2022-4391 Vision Interactive For WordPress <= 1.5.3 - Contributor+ Stored XSS
The Vision Interactive For WordPress plugin through 1.5.3 does not sanitise and escape some of its settings, which could allow users such as contributor+ to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...
CVE-2022-4391 Vision Interactive For WordPress <= 1.5.3 - Contributor+ Stored XSS
The Vision Interactive For WordPress plugin through 1.5.3 does not sanitise and escape some of its settings, which could allow users such as contributor+ to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...
WordPress Plugin Vision Interactive For WordPress 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...
PT-2023-14394 · WordPress · Vision Interactive
Name of the Vulnerable Software and Affected Versions: The Vision Interactive For WordPress plugin versions 1.5.3 and earlier Description: The issue allows users, such as contributor+, to perform Stored Cross-Site Scripting attacks, even when the unfiltered html capability is disallowed, due to t...
Vision Interactive For WordPress < 1.5.4 - Contributor+ Stored XSS
The plugin does not sanitise and escape some of its settings, which could allow users such as contributor+ to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed. 1. Create a new vision item with whatever role, even if it's an Administrator 2. Connect...
WordPress Vision Interactive plugin < 1.5.2 - Reflected Cross-Site Scripting vulnerability
Reflected Cross-Site Scripting vulnerability discovered by WPScanTeam in WordPress Vision Interactive plugin versions 1.5.2. Solution Update the WordPress Vision Interactive plugin to the latest available version at least 1.5.2...
Vision Interactive - SQL Injection / Cross-Site Scripting Vulnerabilities
Exploit for php platform in category web applications Exploit Title: Vision Interactive - SQL Injection and Cross-Site Scripting Google Dork: "Powered by Vision Interactive" Date: 04/02/2014 ontact: FB /7h38357 Exploit Author: X-Line Empire North Vendor Homepage: www.visioninteractive.ma Software...