EUVD-2024-28366

Malicious code in bioql PyPI...

EUVD-2024-26907

Malicious code in bioql PyPI...

CVE-2024-30445

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in GhozyLab, Inc. Web Icons allows Stored XSS.This issue affects Web Icons: from n/a through 1.0.0.10...

CVE-2024-29933

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in GhozyLab, Inc. Web Icons allows Stored XSS.This issue affects Web Icons: from n/a through 1.0.0.10...

MAL-2024-11255 Malicious code in @agilent/web-icons (npm)

--- -= Per source details. Do not edit below this line.=-...

Malicious code in @agilent/web-icons (npm)

--- -= Per source details. Do not edit below this line.=-...

Web Icons < 1.0.0.11 - Authenticated (Contributor+) Stored Cross-Site Scripting

Description The Web Icons plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 1.0.0.10 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject...

Web Icons < 1.0.0.11 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

Description The Web Icons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode in all versions up to, and including, 1.0.0.10 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

CVE-2024-30445

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in GhozyLab, Inc. Web Icons allows Stored XSS.This issue affects Web Icons: from n/a through 1.0.0.10...

CVE-2024-30445

Technical details for CVE-2024-30445 are not provided in the connected documents. Public disclosure appears limited to the initial description; monitor for official vendor advisories and CVE database updates for affected products, versions, impact, and remediation.

CVE-2024-30445 WordPress Web Icons plugin <= 1.0.0.10 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in GhozyLab, Inc. Web Icons allows Stored XSS.This issue affects Web Icons: from n/a through 1.0.0.10...

WordPress Plugin Web Icons 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

PT-2024-23373 · Ghozylab · Web Icons

Name of the Vulnerable Software and Affected Versions: GhozyLab, Inc. Web Icons versions n/a through 1.0.0.10 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means that an attacker...

WordPress Web Icons Plugin <= 1.0.0.10 is vulnerable to Cross Site Scripting (XSS)

Software Web Icons Type Plugin Vulnerable versions = 1.0.0.10 Fixed in 1.0.0.11 OWASP Top 10 A4: Insecure Design Classification Cross Site Scripting XSS CVE CVE-2024-30445 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 4f47e40e4725 Credits Steven Julian Required privilege...

CVE-2024-29933

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in GhozyLab, Inc. Web Icons allows Stored XSS.This issue affects Web Icons: from n/a through 1.0.0.10...

CVE-2024-29933 WordPress Web Icons plugin <= 1.0.0.10 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in GhozyLab, Inc. Web Icons allows Stored XSS.This issue affects Web Icons: from n/a through 1.0.0.10...

CVE-2024-29933 WordPress Web Icons plugin <= 1.0.0.10 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in GhozyLab, Inc. Web Icons allows Stored XSS.This issue affects Web Icons: from n/a through 1.0.0.10...

CVE-2024-29933

CVE-2024-29933 is a stored XSS vulnerability in GhozyLab Web Icons (WordPress plugin). The issue is described as Improper Neutralization of Input During Web Page Generation, enabling stored cross-site scripting. Affected range cited includes Web Icons versions from n/a through 1.0.0.10. This alig...

WordPress Plugin Web Icons 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

WordPress Web Icons Plugin <= 1.0.0.10 is vulnerable to Cross Site Scripting (XSS)

Software Web Icons Type Plugin Vulnerable versions = 1.0.0.10 Fixed in 1.0.0.11 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-29933 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 92c4582be5aa Credits LVT-tholv2k Required privilege...