EUVD-2024-52144

Malicious code in bioql PyPI...

CVE-2024-11757 WP GeoNames <= 1.9.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting

The WP GeoNames plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wp-geonames' shortcode in all versions up to, and including, 1.9.0.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

CVE-2024-11757

CVE-2024-11757 affects the WordPress plugin WP GeoNames (vulnerable through the wp-geonames shortcode). The issue is Stored XSS caused by insufficient input sanitization and output escaping on user-supplied attributes, allowing authenticated attackers with contributor-level access (and above) to ...

CVE-2024-11757 WP GeoNames <= 1.9.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting

The WP GeoNames plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wp-geonames' shortcode in all versions up to, and including, 1.9.0.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

PT-2024-17235 · WordPress · Wp Geonames

Name of the Vulnerable Software and Affected Versions: WP GeoNames plugin for WordPress versions up to, and including, 1.9.0.1 Description: The issue is related to Stored Cross-Site Scripting via the plugin's 'wp-geonames' shortcode due to insufficient input sanitization and output escaping on...

CVE-2024-53812

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Jacques Malgrange WP GeoNames wp-geonames allows Reflected XSS.This issue affects WP GeoNames: from n/a through = 1.8...

CVE-2024-53812

CVE-2024-53812 is a reflected Cross-Site Scripting (XSS) vulnerability in the WordPress WP GeoNames plugin (versions 1.8 and earlier). Connected sources confirm the issue arises from improper input neutralization during web page generation and allows Reflected XSS. Affected software is WP GeoNames (

CVE-2024-53812 WordPress WP GeoNames plugin <= 1.8 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Jacques Malgrange WP GeoNames allows Reflected XSS.This issue affects WP GeoNames: from n/a through 1.8...

CVE-2024-53812 WordPress WP GeoNames plugin <= 1.8 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Jacques Malgrange WP GeoNames wp-geonames allows Reflected XSS.This issue affects WP GeoNames: from n/a through = 1.8...