EUVD-2015-4485

Malware in sbrugna...

EUVD-2023-33554

Malicious code in bioql PyPI...

CVE-2015-4465

Cross-site scripting XSS vulnerability in the zM Ajax Login & Register plugin before 1.1.0 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2017-20188 Zimbra zm-ajax XFormItem.js XFormItem.prototype.setError cross site scripting

A vulnerability has been found in Zimbra zm-ajax up to 8.8.1 and classified as problematic. Affected by this vulnerability is the function XFormItem.prototype.setError of the file WebRoot/js/ajax/dwt/xforms/XFormItem.js. The manipulation of the argument message leads to cross site scripting. The...

CVE-2017-20188

The CVE-2017-20188 entry concerns Zimbra zm-ajax (versions up to 8.8.1). The flaw is in XFormItem.prototype.setError (WebRoot/js/ajax/dwt/xforms/XFormItem.js), where manipulating the argument message yields cross-site scripting. The vulnerability can be exploited remotely with high attack complex...

Zimbra Cross-Site Scripting Vulnerability

Synacor Zimbra is an open source email collaboration platform from Synacor, Inc. A cross-site scripting vulnerability exists in Zimbra zm-ajax 8.8.1 and earlier versions, which stems from a cross-site scripting XSS vulnerability in function XFormItem.prototype.setError in file...

Wordfence Intelligence Weekly WordPress Vulnerability Report (Apr 10, 2023 to Apr 16, 2023)

Last week, there were 69 vulnerabilities disclosed in 60 WordPress plugins and 4 WordPress themes that have been added to the Wordfence Intelligence Vulnerability Database, and there were 32 Vulnerability Researchers that contributed to WordPress Security last week. Review those vulnerabilities i...

CVE-2023-2027

The ZM Ajax Login & Register plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.0.2. This is due to insufficient verification on the user being supplied during a Facebook login through the plugin. This makes it possible for unauthenticated attackers to...

CVE-2023-2027

ZM Ajax Login & Register for WordPress (CVE-2023-2027) is vulnerable to authentication bypass in versions up to 2.0.2 due to insufficient verification during Facebook login, enabling unauthenticated users to log in as an existing user (potentially an administrator) if they know the username. The ...

CVE-2023-2027 ZM Ajax Login & Register <= 2.0.2 - Authentication Bypass

The ZM Ajax Login & Register plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.0.2. This is due to insufficient verification on the user being supplied during a Facebook login through the plugin. This makes it possible for unauthenticated attackers to...

WordPress plugin ZM Ajax Login Register 授权问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

CVE-2015-4465

Cross-site scripting XSS vulnerability in the zM Ajax Login & Register plugin before 1.1.0 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2015-4153

Directory traversal vulnerability in the zM Ajax Login & Register plugin before 1.1.0 for WordPress allows remote attackers to include and execute arbitrary php files via a relative path in the template parameter in a loadtemplate action to wp-admin/admin-ajax.php...

Directory traversal

Directory traversal vulnerability in the zM Ajax Login & Register plugin before 1.1.0 for WordPress allows remote attackers to include and execute arbitrary php files via a relative path in the template parameter in a loadtemplate action to wp-admin/admin-ajax.php...

Cross site scripting

Cross-site scripting XSS vulnerability in the zM Ajax Login & Register plugin before 1.1.0 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2015-4465

CVE-2015-4465 concerns the WordPress plugin "zM Ajax Login & Register" prior to version 1.1.0. The vulnerability is a Cross-Site Scripting (XSS) flaw that allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. This affects the plugin’s input handling and could imp...

CVE-2015-4465

Cross-site scripting XSS vulnerability in the zM Ajax Login & Register plugin before 1.1.0 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2015-4153

The CVE-2015-4153 vulnerability affects the WordPress plugin zM Ajax Login & Register prior to 1.1.0. It allows remote attackers to perform local file inclusion by supplying a path in the template parameter of the load_template action to wp-admin/admin-ajax.php, leading to arbitrary PHP file incl...

WordPress ZM Ajax Login & Register Plugin <= 1.0.9 - XSS

This vulnerability allows an attacker to inject arbitrary web script or HTML via unspecified vectors. Solution Update the plugin...

CVE-2015-4153 - WordPress zM Ajax Login &amp; Register Plugin [Local File Inclusion]

Exploit Title: CVE-2015-4153 - WordPress zM Ajax Login & Register Plugin Local File Inclusion Date: 2015/06/01 Exploit Author: Panagiotis Vagenas Contact: https://twitter.com/panVagenas Vendor Homepage: http://zanematthew.com/ Software Link:...