WordPress Anti-Malware Security and Brute-Force Firewall plugin versions prior to 4.20.96 suffer from a cross site scripting vulnerability.
15deb4bb3fa3074a878f4ff2971d4437fe72194ad2e849ace53c61818887db29WordPress LayerSlider versions prior to 7.1.2 suffer from a persistent cross site scripting vulnerability.
233ee8cdcefede58dd027f8be9e66aa49dc17875ea99ad481954f410e434deb8WordPress WP Downgrade plugin versions prior to 1.2.3 suffer from a persistent cross site scripting vulnerability.
69670eeb08507b6e52ce6923413e57dcc50f60c892e1e6e96f503732e4cb8844WordPress UpdraftPlus versions prior to 1.22.9 suffers from a cross site scripting vulnerability.
7f58bd7c752a2ea2696ebc83162409fe030d7fad8a44a78e4179a5aad976cd39WordPress Hummingbird plugin versions prior to 3.3.2 suffers from a persistent cross site scripting vulnerability.
969dc3a879f05f95618233352ae956e5b07885f6bae05c8ee79499adcf514118WordPress Ad Inserter versions prior to 2.7.12 suffer from a cross site scripting vulnerability.
652db37affa3855340a258c91864a0ce8bdaf34f00f77d2ce010c203c6c62a77WordPress Loco Translate plugin versions prior to 2.6.1 suffer from a persistent cross site scripting vulnerability.
89947839a0f022f27bf4e7359d1a8f8308d5cfc0bacc3631b9f3c6128744b460WordPress versions 5.9 and below suffer from a cross site scripting vulnerability in the author and contributor roles. Per the researcher, WordPress is addressing this in their next release and considers this a medium severity vulnerability.
eb036d4467921c95f77944d1565e15824ae56f7f501944425c1be75fb150f82dBanco Guayaquil for iOS version 8.0.0 suffers from a script insertion vulnerability where a user can insert malicious code into their own name and could possibly be leveraged for attacks upstream. The security team for Banco Guayaquil contacted Packet Storm on 2022/02/08 to note that the issue has been addressed in new versions of the application.
67fd258d29a5a1f1144f15f1e4bbb69c7f2cb5738a374217e2ed9411f811c80eSB Admin suffers from cross site request forgery and remote SQL injection vulnerabilities.
bc481b1b6ef15e1c81979f3faa7fd5e035acbdc0fedd25844262c33dc6b8c43dZabbix versions 1.x through 5.x suffer from persistent cross site scripting and remote blind SQL injection vulnerabilities.
bf647ae7e57509e600b3f979c5812067e2640eb2f5161119921047214e00b055Xmind version 2020 suffers from a cross site scripting vulnerability that can lead to remote code execution.
9757c91e04673c755b25bf670240e785e7efcfe03755886d3fc690564d3f0c52Tagstoo version 2.0.1 suffers from a cross site scripting vulnerability that can lead to remote code execution.
1eb5ee17df8e3d6fecf9805a9846cb22510ce5fa5eeaef4c201a9d07719f29cdMarky version 0.0.1 suffers from a cross site scripting vulnerability that can lead to remote code execution.
8547108d134e78458c80db70cc0b18ca1d736a915bb1e639cc8fcb7a33251049StudyMD version 0.3.2 suffers from a cross site scripting vulnerability that can lead to remote code execution.
0ff9332b58d61f24aca94ed47835f37b98d8ca2e4f55f336db9b7d204b5998baSnipCommand version 0.1.0 suffers from a cross site scripting vulnerability that can lead to remote code execution.
92e4b128fffe9334009daffc74f886b760d48ca8bf11afbbe93a13ba3c4dfcd2Moeditor version 0.2.0 suffers from a cross site scripting vulnerability that can lead to remote code execution.
093b979ba75c8a308b73c7eff6a9e030b070e20498632044560f1774279ab55fMarkdownify version 1.2.0 suffers from a cross site scripting vulnerability that can lead to remote code execution.
024dcb90eab66768116b54f77c870cf874eeb87a45f3458b91e4ab6af36341d8Freeter version 1.2.1 suffers from a cross site scripting vulnerability that can lead to remote code execution.
aefa5446eb04b5607ea74077e00a080f1db5176e448b8fcf8c3270e271c1fa23Markdown-Explorer version 0.1.1 suffers from a cross site scripting vulnerability that can lead to remote code execution.
704b88cc89fb57edcc06d3e75c2d5b1b52e9b90344ca30eda5d352f94fd8047fMarkright version 1.0 suffers from a cross site scripting vulnerability that can lead to remote code execution.
09b67da5fb35a8998c1ecc154be14311f05f6ba649c8a811e5e3e2b41a053e0bAnote version 1.0 suffers from a cross site scripting vulnerability that can lead to remote code execution.
0305c3d78ba40c3a2c80a1a49b62e54b31c32ce83419559ee9bfe539d4703854Carpool Web App version 1.0 suffers from cross site scripting and remote SQL injection vulnerabilities.
59a259c25163c286ef0a6754b85718a9de6eee039a19ad87f2df3e49ef31b76bBiesta Billing version 4.0 Beta suffers from cross site request forgery and directory traversal vulnerabilities.
1dbc8d21c6556545a544de74ed9e813e4cb5d2098b52219b9c607c83be2a4e40Koken versions 0.22.7 and 0.22.11 suffer from multiple cross site scripting vulnerabilities.
9fe51081577a7f4582734f5ebf704d8cee00e997d6879736d50ed304ecb185c4
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed