akincibor.eth
akincibor.eth
### Template / PR Information - Fixed CVE-2020-XXX / Added CVE-2020-XXX / Updated CVE-2020-XXX - References: ### Template Validation I've validated this template locally? - [ ] YES - [...
### Template / PR Information - Fixed CVE-2020-XXX / Added CVE-2020-XXX / Updated CVE-2020-XXX - References: ### Template Validation I've validated this template locally? - [ ] YES - [...
```yaml id: spectra-xss info: name: Spectra < 1.25.6 - Reflected Cross-Site Scripting author: Akincibor severity: medium description: The plugin does not escape some URLs before outputting them back in attributes,...
```yaml id: spring-boot-actuators-sqli info: name: Spring Boot Actuators - SQLi author: Akincibor severity: high description: A misconfiguration allows you to specify any SQL query, and it will be automatically executed...
```yaml id: download-manager-xss info: name: Download Manager < 3.2.44 - Unauthenticated Reflected Cross-Site Scripting author: Akincibor severity: medium description: The plugin does not escape a generated URL before outputting it...
```yaml id: CVE-2022-1910 info: name: Shortcodes and extra features for Phlox theme < 2.9.8 - Reflected Cross-Site-Scripting author: Akincibor severity: medium description: The plugin does not sanitise and escape a...
```yaml id: CVE-2022-1933 info: name: CDI < 5.1.9 - Reflected Cross-Site-Scripting author: Akincibor severity: medium description: The plugin does not sanitise and escape a parameter before outputting it back in...
```yaml id: easy-testimonials-xss info: name: Easy Testimonials < 3.9 - Reflected Cross-Site Scripting author: Akincibor severity: medium description: The plugin, when used along the Pro version, does not escape an...
```yaml id: CVE-2022-1916 info: name: Active Products Tables for WooCommerce < 1.0.5 - Reflected Cross-Site-Scripting author: Akincibor severity: medium description: The plugin does not sanitise and escape a parameter before...
```yaml id: CVE-2021-25104 info: name: Ocean Extra < 1.9.5 - Reflected Cross-Site Scripting author: Akincibor severity: medium description: The plugin does not escape generated links which are then used when...