4 results (0.006 seconds)

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

Cross-site scripting vulnerability in Zoho SalesIQ 1.0.8 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Una vulnerabilidad de tipo cross-site-scripting (XSS) en Zoho SalesIQ versión 1.0.8 y anteriores, permite a los atacantes remotos inyectar script web o HTML arbitrario por medio de vectores no especificados. • https://jvn.jp/en/jp/JVN88962935/index.html https://wordpress.org/plugins/zoho-salesiq https://wpvulndb.com/vulnerabilities/9433 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0

The zoho-salesiq plugin before 1.0.9 for WordPress has CSRF. El plugin zoho-salesiq versiones anteriores a 1.0.9 para WordPress, tiene una vulnerabilidad de tipo CSRF. • https://wordpress.org/plugins/zoho-salesiq/#developers https://wpvulndb.com/vulnerabilities/9433 • CWE-352: Cross-Site Request Forgery (CSRF) •

CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0

The zoho-salesiq plugin before 1.0.9 for WordPress has stored XSS. El plugin zoho-salesiq versiones anteriores a 1.0.9 para WordPress, tiene una vulnerabilidad de tipo XSS almacenado. • https://wordpress.org/plugins/zoho-salesiq/#developers https://wpvulndb.com/vulnerabilities/9433 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0

Cross-site request forgery (CSRF) vulnerability in Zoho SalesIQ 1.0.8 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors. Una vulnerabilidad de tipo cross-site request forgery (CSRF) en Zoho SalesIQ versión 1.0.8 y anteriores, permite a los atacantes remotos secuestrar la autenticación de administradores por medio de vectores no especificados. • https://jvn.jp/en/jp/JVN88962935/index.html https://wordpress.org/plugins/zoho-salesiq https://wpvulndb.com/vulnerabilities/9433 • CWE-352: Cross-Site Request Forgery (CSRF) •