23 matches found
CVE-2016-10919
The wassup plugin before 1.9.1 for WordPress has XSS via the Top stats widget or the wassupURI::addsiteurl method, a different vulnerability than CVE-2012-2633...
EUVD-2008-0530
Malware in sbrugna...
EUVD-2016-1913
Malware in sbrugna...
EUVD-2012-2619
Malware in sbrugna...
EUVD-2023-57946
Malicious code in bioql PyPI...
CVE-2023-5653
The WassUp Real Time Analytics WordPress plugin through 1.9.4.5 does not escape IP address provided via some headers before outputting them back in an admin page, allowing unauthenticated users to perform Stored XSS attacks against logged in admins...
CVE-2023-5653
The WassUp Real Time Analytics WordPress plugin through 1.9.4.5 does not escape IP address provided via some headers before outputting them back in an admin page, allowing unauthenticated users to perform Stored XSS attacks against logged in admins...
CVE-2023-5653
The WassUp Real Time Analytics WordPress plugin through 1.9.4.5 does not escape IP address provided via some headers before outputting them back in an admin page, allowing unauthenticated users to perform Stored XSS attacks against logged in admins...
CVE-2016-10919
The wassup plugin before 1.9.1 for WordPress has XSS via the Top stats widget or the wassupURI::addsiteurl method, a different vulnerability than CVE-2012-2633...
CVE-2016-10919
The wassup plugin before 1.9.1 for WordPress has XSS via the Top stats widget or the wassupURI::addsiteurl method, a different vulnerability than CVE-2012-2633...
CVE-2016-10919
The vulnerability CVE-2016-10919 affects the WordPress WassUp Real Time Analytics plugin (versions before 1.9.1). It allows stored or reflected XSS via the Top stats widget or the wassupURI::add_siteurl method, enabling an attacker to inject arbitrary script when the affected plugin renders conte...
WordPress Plugin WassUp Real Time Analytics 1.9 - Persistent Cross-Site Scripting
Source: https://sumofpwn.nl/advisory/2016/persistentcrosssitescriptinginwassuprealtimeanalyticswordpressplugin.html Persistent Cross-Site Scripting in WassUp Real Time Analytics WordPress Plugin Abstract A stored Cross-Site Scripting XSS vulnerability has been found in the WassUp Real Time...
WordPress WassUp Real Time Analytics 1.9 Cross Site Scripting
------------------------------------------------------------------------ Persistent Cross-Site Scripting in WassUp Real Time Analytics WordPress Plugin ------------------------------------------------------------------------ Burak Kelebek, October 2016...
CVE-2012-2633
Cross-site scripting XSS vulnerability in wassup.php in the WassUp plugin before 1.8.3.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the User-Agent HTTP header...
Cross site scripting
Cross-site scripting XSS vulnerability in wassup.php in the WassUp plugin before 1.8.3.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the User-Agent HTTP header...
CVE-2012-2633
Cross-site scripting XSS vulnerability in wassup.php in the WassUp plugin before 1.8.3.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the User-Agent HTTP header...
CVE-2012-2633
The CVE-2012-2633 entry concerns a Cross-site scripting (XSS) vulnerability in the WassUp WordPress plugin, specifically in wassup.php, allowing an attacker to inject arbitrary script/HTML via the User-Agent header. Affected versions are WassUp for WordPress before 1.8.3.1. Mitigation noted in so...
Wassup < 1.8.3.1 - XSS
The WassUp Real Time Analytics WordPress plugin was affected by a XSS security vulnerability...
WordPress WassUp Plugin <= 1.8.3.0 - XSS
Because of this vulnerability in wassup.php, the attackers can inject arbitrary web script or HTML via the User-Agent HTTP header. Solution Update the plugin...
Sql injection
Multiple SQL injection vulnerabilities in main.php in the WassUp plugin 1.4 through 1.4.3 for WordPress allow remote attackers to execute arbitrary SQL commands via the 1 fromdate or 2 todate parameter to spy.php...