32 matches found
EUVD-2019-16843
Malware in sbrugna...
EUVD-2014-1160
Malware in sbrugna...
EUVD-2014-1159
Malware in sbrugna...
EUVD-2025-8529
Malicious code in bioql PyPI...
CVE-2014-10391
The wp-support-plus-responsive-ticket-system plugin before 4.1 for WordPress has JavaScript injection...
CVE-2025-31092
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ninja Team Click to Chat – WP Support All-in-One Floating Widget support-chat allows Stored XSS.This issue affects Click to Chat – WP Support All-in-One Floating Widget: from n/a through = 2.3.4...
CVE-2025-31092
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ninja Team Click to Chat – WP Support All-in-One Floating Widget support-chat allows Stored XSS.This issue affects Click to Chat – WP Support All-in-One Floating Widget: from n/a through = 2.3.4...
CVE-2024-10055 Click to Chat – WP Support All-in-One Floating Widget <= 2.3.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via wpsaio_snapchat Shortcode
The Click to Chat – WP Support All-in-One Floating Widget plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's wpsaiosnapchat shortcode in all versions up to, and including, 2.3.3 due to insufficient input sanitization and output escaping on user supplied attributes...
WordPress Click to Chat – WP Support All-in-One Floating Widget Plugin <= 2.3.3 is vulnerable to Cross Site Scripting (XSS)
Software Click to Chat – WP Support All-in-One Floating Widget Type Plugin Vulnerable versions = 2.3.3 Fixed in 2.3.4 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-10055 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID...
CVE-2024-49281
Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability in Ninja Team Click to Chat – WP Support All-in-One Floating Widget support-chat allows Stored XSS.This issue affects Click to Chat – WP Support All-in-One Floating Widget: from n/a through =...
WordPress Click to Chat – WP Support All-in-One Floating Widget Plugin <= 2.3.3 is vulnerable to Cross Site Scripting (XSS)
Software Click to Chat – WP Support All-in-One Floating Widget Type Plugin Vulnerable versions = 2.3.3 Fixed in 2.3.4 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-49281 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 953e712df67a Credits...
WordPress wp-support-plus-responsive-ticket-system plugin cross-site scripting vulnerability
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. wp-support-plus-responsive-ticket-system is a ticket system plugin used in it. A cross-site scripting vulnerability exists in WordPres...
CVE-2014-10388
The wp-support-plus-responsive-ticket-system plugin before 4.2 for WordPress has full path disclosure...
Design/Logic Flaw
The wp-support-plus-responsive-ticket-system plugin before 7.1.0 for WordPress has insecure direct object reference via a ticket number...
Design/Logic Flaw
The wp-support-plus-responsive-ticket-system plugin before 4.1 for WordPress has JavaScript injection...
Sql injection
The wp-support-plus-responsive-ticket-system plugin before 4.2 for WordPress has SQL injection...
CVE-2019-15331
The CVE-2019-15331 entry concerns the WordPress plugin wp-support-plus-responsive-ticket-system, affected in all versions prior to 9.1.2. Multiple connected sources confirm a vulnerability described as HTML injection / stored cross-site scripting (XSS) in this plugin. The vulnerability stems from...
CVE-2016-10930
The CVE-2016-10930 entry concerns the WordPress plugin WP Support Plus Responsive Ticket System. Affected component: the wp-support-plus-responsive-ticket-system plugin for WordPress. Root cause: insecure direct object reference via a ticket number in the plugin prior to version 7.1.0. Impact: po...
CVE-2014-10387
The wp-support-plus-responsive-ticket-system plugin before 4.2 for WordPress has SQL injection...
CVE-2014-10387
The CVE-2014-10387 incident concerns the WordPress plugin WP Support Plus Responsive Ticket System (affected: before version 4.2). The vulnerability is an SQL injection in the plugin, exposing potential disclosure/modification of data and impact to availability, as indicated by CVSS metrics (UP t...