EUVD-2023-54160

Malicious code in bioql PyPI...

EUVD-2024-29931

Malicious code in bioql PyPI...

CVE-2024-32109

Cross-Site Request Forgery CSRF vulnerability in Julien Berthelot / MPEmbed.Com WP Matterport Shortcode allows Cross Site Request Forgery.This issue affects WP Matterport Shortcode: from n/a through 2.1.9...

CVE-2024-32109

Cross-Site Request Forgery CSRF vulnerability in Julien Berthelot / MPEmbed.Com WP Matterport Shortcode allows Cross Site Request Forgery.This issue affects WP Matterport Shortcode: from n/a through 2.1.9...

CVE-2024-32109

CVE-2024-32109 is a Cross-Site Request Forgery (CSRF) vulnerability in the WP Matterport Shortcode. Affected: Matterport Shortcode versions up to 2.1.9 (n/a through 2.1.9). CVSS 3.1 base score 4.3 (Medium). No patch/remediation details are provided in the supplied documents; exploitation status i...

CVE-2024-32109 WordPress WP Matterport Shortcode plugin <= 2.1.9 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Julien Berthelot / MPEmbed.Com WP Matterport Shortcode allows Cross Site Request Forgery.This issue affects WP Matterport Shortcode: from n/a through 2.1.9...

CVE-2023-4289

The WP Matterport Shortcode WordPress plugin before 2.1.8 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attac...

CVE-2023-4289

Summary (CVE-2023-4289) : The WP Matterport Shortcode WordPress plugin prior to version 2.1.8 fails to validate and escape certain shortcode attributes before output, enabling stored XSS for users with the Contributor role and higher when the shortcode is embedded on a page/post. Affected softwar...

CVE-2023-4290 WP Matterport Shortcode < 2.1.7 - Reflected XSS

The WP Matterport Shortcode WordPress plugin before 2.1.7 does not escape the PHPSELF server variable when outputting it in attributes, leading to Reflected Cross-Site Scripting issues which could be used against high privilege users such as admin...

CVE-2023-4290 WP Matterport Shortcode < 2.1.7 - Reflected XSS

The WP Matterport Shortcode WordPress plugin before 2.1.7 does not escape the PHPSELF server variable when outputting it in attributes, leading to Reflected Cross-Site Scripting issues which could be used against high privilege users such as admin...

PT-2023-28628 · WordPress · Wp Matterport Shortcode

Name of the Vulnerable Software and Affected Versions: WP Matterport Shortcode WordPress plugin versions prior to 2.1.8 Description: The issue is related to the WP Matterport Shortcode WordPress plugin, which does not validate and escape some of its shortcode attributes before outputting them bac...

CVE-2023-35094 WordPress WP Matterport Shortcode Plugin <= 2.1.4 is vulnerable to Cross Site Scripting (XSS)

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Julien Berthelot / MPEmbed WP Matterport Shortcode plugin = 2.1.4 versions...

CVE-2023-35094

CVE-2023-35094 affects the WordPress plugin MPEmbed WP Matterport Shortcode. The connected Patchstack entry confirms a stored Cross-Site Scripting (XSS) vulnerability in versions

WordPress WP Matterport Shortcode Plugin <= 2.1.4 is vulnerable to Cross Site Scripting (XSS)

Software WP Matterport Shortcode Type Plugin Vulnerable versions = 2.1.4 Fixed in 2.1.5 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-35094 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 896701a47def Credits yuyudhn Require...