Webmin through 1.991, when the Authentic theme is used, allows remote code execution when a user has been manually created (i.e., not created in Virtualmin or Cloudmin). This occurs because settings-editor_write.cgi does not properly restrict the file parameter.

CVE-2022-30708: Webmin

Authenticated (contributor or higher role) Cross-Site Scripting (XSS) vulnerability in Donations plugin <= 1.8 on WordPress.

*   Details
*   Reviews
*   Support
*   Development

This plugin has been closed as of February 28, 2022 and is not available for download. Reason: Security Issue.

There is no way to edit the 'insert custom value' in the form page. it gets confusing for site visitor as an 'insert amount' would be certainly clearer. All in all, a very good plugin

Failed FAQ, no any reply to the question u asked

Hello this is great. LARGE DAMAGE: PAYMENT "STRIPE" NOT CONSIDERED. ONLY PAYPAL

Read all 8 reviews

“Donations” is open source software. The following people have contributed to this plugin.

Contributors

*    nicdark

CVE-2022-29433: Donations

WAVLINK WN535 G3 was discovered to contain a cross-site scripting (XSS) vulnerability via the hostname parameter at /cgi-bin/login.cgi.

    POST /cgi-bin/login.cgi HTTP/1.1 Host: 98.127.66.193 Content-Length: 255 Cache-Control: max-age=0 Upgrade-Insecure-Requests: 1 Origin: http://98.127.66.193 Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Referer: http://98.127.66.193/ Accept-Encoding: gzip, deflate Accept-Language: zh-CN,zh;q=0.9 Connection: close newUI=1&page=login&username=admin&langChange=0&ipaddr=171.113.240.243&login_page=login.shtml&homepage=main.shtml&sysinitpage=sysinit.shtml&hostname=")&lt;/&gt;&lt;&gt;alert(1)&lt;/&gt;&key=M27234733&password=63a36bceec2d3bba30d8611c323f4cda&lang_=cn

CVE-2022-30489: GitHub - badboycxcc/XSS-CVE-2022-30489

CVE-2022-30489: GitHub - badboycxcc/XSS

Cross-Site Scripting (XSS) vulnerability in MicroStrategy Web SDK 10.11 and earlier, allows remote unauthenticated attackers to execute arbitrary code via key parameter to the getGoogleExtraConfig task.

**Get to Know MicroStrategy**

Our company vision is intelligence everywhere. Our analytics platform delivers answers, and gets results. Our entire company is committed to your success.

**Pilot Enterprise Analytics**

Quickly deploy consumer-grade BI experiences for every role, on any device, with the platform that provides sub-second response at enterprise scale.

**Make your applications intelligent with Embedded Analytics**

Deliver in-context insights and analysis in any application and on any device. 

**Drive more value with MicroStrategy Cloud    **

Drive digital transformation and scale with confidence.

**Success Stories**

Hear stories from our customers and partners about how they use MicroStrategy to be a more Intelligent Enterprise.

**Featured Customer: Sainsbury's**

Learn how leading UK retailer Sainsbury’s democratized its data to empower every colleague from the store floor to the C-suite, powered by MicroStrategy.

**Featured Customer: Schwarz Group**

Explore how Schwarz IT enables brands like Lidl and Kaufland to drive global business impact with an enterprise analytics strategy, powered by MicroStrategy.

**Featured Customer: NICE**

Discover how AI-powered innovation and cloud-native technologies help NICE deliver the world’s leading cloud CX platform, with data and analytics visualization from MicroStrategy.

**Find Solutions with MicroStrategy**

Build consumer-grade intelligence applications, empower users with data discovery, and seamlessly push content to employees, partners, and customers in minutes.

01:30

**Overview of the MicroStrategy Platform**

Discover the power of MicroStrategy, the modern, open, enterprise BI platform that delivers intelligence everywhere. Watch this overrview to learn everything you need to know.

37753 views · April 01, 2021

31:41

**Data Storytelling with Dossiers**

Did you know you can easily build no-code analytics applications with MicroStrategy Dossiers? In this session from MicroStrategy World 2022, experts introduced the art of data storytelling.

960 views · February 02, 2022

08:57

**Overview of MicroStrategy Mobile**

Watch the MicroStrategy team review how to integrate context-rich analytics and collaborative workflows with powerful no-code mobile applications. Learn more about traditional mobile applications from the MicroStrategy platform.

3727 views · September 22, 2020

06:27

**Trusted Data for Excel, BI Tools, and Data Science Tools**

Leverage the power of the industry's strongest semantic graph. Watch this to learn how MicroStrategy will help you get the most out of Excel and other BI applications. The tools you love, with data you can trust.

4052 views · September 22, 2020

**HyperIntelligence**

Deploy analytics beyond the analyst by injecting insights and actions into the applications and websites your people use every day.

00:44

**Introduction to HyperIntelligence**

With HyperIntelligence, deliver instant insights into your everyday applications with no code to make informed decisions and take action faster.

26031 views · November 18, 2019

**Embedded Intelligence**

Learn about MicroStrategy's #1 rated platform for Embedded Analytics.

01:00

**Make your Applications Intelligent with Embedded Analytics**

MicroStrategy’s #1-rated Embedded Analytics platform provides faster in-context insights and analysis in any application and on any device. Extend analytics into portals and applications, allowing users to take advantage of actionable insights in their day-to-day workflows.

1007 views · October 14, 2021

11:35

**Overview of MicroStrategy Embedded Analytics**

MicroStrategy is the industry leader for application development and embedded analytics. Watch this video to learn more about the functionality related to customization and embedded analytics.

4023 views · May 29, 2020

**Cloud Intelligence**

The fastest, most efficient way to run your Intelligent Enterprise.

03:01

**What to Expect From Your Cloud Migration**

"Learn how you’ll collaborate with our MicroStrategy experts to ensure easy and efficient migration to the cloud—in a matter of weeks with no disruption to your users. "

681 views · June 22, 2021

43:31

**Top Trends: The Future of Cloud Computing**

Explore the top cloud trends on the horizon and learn to leverage robust application and infrastructure security to ensure integrity across a robust suite of analytics applications.

81 views · February 02, 2022

**Resources**

**Partners**

16:23

**Exasol: Turbocharging the BI Stack**

This session showcases how to accelerate time to insights and how to future-proof your MicroStrategy environment by adding Exasol to your data stack.

40 views · February 10, 2022

CVE-2020-22984: Business Intelligence & Analytics Solutions

**Get to Know MicroStrategy**

Our company vision is intelligence everywhere. Our analytics platform delivers answers, and gets results. Our entire company is committed to your success.

**Pilot Enterprise Analytics**

Quickly deploy consumer-grade BI experiences for every role, on any device, with the platform that provides sub-second response at enterprise scale.

**Make your applications intelligent with Embedded Analytics**

Deliver in-context insights and analysis in any application and on any device. 

**Drive more value with MicroStrategy Cloud    **

Drive digital transformation and scale with confidence.

**Success Stories**

Hear stories from our customers and partners about how they use MicroStrategy to be a more Intelligent Enterprise.

**Featured Customer: Sainsbury's**

Learn how leading UK retailer Sainsbury’s democratized its data to empower every colleague from the store floor to the C-suite, powered by MicroStrategy.

**Featured Customer: Schwarz**

Explore how Schwarz IT enables brands like Lidl and Kaufland to drive global business impact with an enterprise analytics strategy, powered by MicroStrategy.

**Featured Customer: NICE**

Discover how AI-powered innovation and cloud-native technologies help NICE deliver the world’s leading cloud CX platform, with data and analytics visualization from MicroStrategy.

**Find Solutions with MicroStrategy**

Build consumer-grade intelligence applications, empower users with data discovery, and seamlessly push content to employees, partners, and customers in minutes.

01:30

**Overview of the MicroStrategy Platform**

Discover the power of MicroStrategy, the modern, open, enterprise BI platform that delivers intelligence everywhere. Watch this overrview to learn everything you need to know.

36959 views · April 01, 2021

31:41

**Data Storytelling with Dossiers**

Did you know you can easily build no-code analytics applications with MicroStrategy Dossiers? In this session from MicroStrategy World 2022, experts introduced the art of data storytelling.

927 views · February 02, 2022

08:57

**Overview of MicroStrategy Mobile**

Watch the MicroStrategy team review how to integrate context-rich analytics and collaborative workflows with powerful no-code mobile applications. Learn more about traditional mobile applications from the MicroStrategy platform.

3703 views · September 22, 2020

06:27

**Trusted Data for Excel, BI Tools, and Data Science Tools**

Leverage the power of the industry's strongest semantic graph. Watch this to learn how MicroStrategy will help you get the most out of Excel and other BI applications. The tools you love, with data you can trust.

4007 views · September 22, 2020

**HyperIntelligence**

Deploy analytics beyond the analyst by injecting insights and actions into the applications and websites your people use every day.

00:44

**Introduction to HyperIntelligence**

With HyperIntelligence, deliver instant insights into your everyday applications with no code to make informed decisions and take action faster.

25983 views · November 18, 2019

**Embedded Intelligence**

Learn about MicroStrategy's #1 rated platform for Embedded Analytics.

01:00

**Make your Applications Intelligent with Embedded Analytics**

MicroStrategy’s #1-rated Embedded Analytics platform provides faster in-context insights and analysis in any application and on any device. Extend analytics into portals and applications, allowing users to take advantage of actionable insights in their day-to-day workflows.

925 views · October 14, 2021

11:35

**Overview of MicroStrategy Embedded Analytics**

MicroStrategy is the industry leader for application development and embedded analytics. Watch this video to learn more about the functionality related to customization and embedded analytics.

3944 views · May 29, 2020

**Cloud Intelligence**

The fastest, most efficient way to run your Intelligent Enterprise.

03:01

**What to Expect From Your Cloud Migration**

"Learn how you’ll collaborate with our MicroStrategy experts to ensure easy and efficient migration to the cloud—in a matter of weeks with no disruption to your users. "

666 views · June 22, 2021

43:31

**Top Trends: The Future of Cloud Computing**

Explore the top cloud trends on the horizon and learn to leverage robust application and infrastructure security to ensure integrity across a robust suite of analytics applications.

79 views · February 02, 2022

**Resources**

**Partners**

16:23

**Exasol: Turbocharging the BI Stack**

This session showcases how to accelerate time to insights and how to future-proof your MicroStrategy environment by adding Exasol to your data stack.

39 views · February 10, 2022

Cross-Site Scripting (XSS) vulnerability in MicroStrategy Web SDK 10.11 and earlier, allows remote unauthenticated attackers to execute arbitrary code via the searchString parameter to the wikiScrapper task.

CVE-2020-22986

A bug exist in the input parameter of Access Manager that allows supply of invalid character to trigger cross-site scripting vulnerability. This affects NetIQ Access Manager 4.5 and 5.0

Tag

#xss