Nixpkgs security tracker

Login with GitHub

⚠️ You are using a production deployment that is still only suitable for demo purposes. Any work done in this might be wiped later without notice.

Suggestion detail

Untriaged

Permalink CVE-2023-26008

5.9 MEDIUM

CVSS version: 3.1
Attack vector (AV): NETWORK
Attack complexity (AC): LOW
Privileges required (PR): HIGH
User interaction (UI): REQUIRED
Scope (S): CHANGED
Confidentiality impact (C): LOW
Integrity impact (I): LOW
Availability impact (A): LOW

created 1 year, 1 month ago

WordPress Top 10 Plugin <= 3.2.4 is vulnerable to Cross Site Scripting (XSS)

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Ajay D'Souza Top 10 – Popular posts plugin for WordPress plugin <= 3.2.4 versions.

References

https://patchstack.com/database/vulnerability/top-10/wordpress-top-10-plugin-3-… x_transferredvdb-entry

Affected products

top-10

=<3.2.4

Matching in nixpkgs

pkgs.budgie-desktop

Feature-rich, modern desktop designed to keep out the way of the user

nixos-unstable 10.9.2
- nixpkgs-unstable 10.9.2
- nixos-unstable-small 10.9.2

pkgs.gnomeExtensions.pip-on-top

Makes "Picture-in-Picture" windows stay on top (even on Wayland session). Compatible with Firefox, but may work with few other browsers too.

nixos-unstable 10
- nixpkgs-unstable 10
- nixos-unstable-small 10

pkgs.gnomeExtensions.show-apps-at-top

Put show apps icon at top in Gnome default dash

nixos-unstable 10
- nixpkgs-unstable 10

Package maintainers

@bobby285271 Bobby Rong <rjl931189261@126.com>
@getchoo Seth Flynn <getchoo@tuta.io>
@honnip Jung seungwoo <me@honnip.page>