WordPress Photoxhibit 2.1.8 - Cross-Site Scripting

WordPress Photoxhibit 2.1.8 contains a reflected cross-site scripting vulnerability which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials an...

CVE-2018-1000143

CVE-2018-1000143 affects Jenkins GitHub Pull Request Builder Plugin (versions 1.39.0 and earlier) and GhprbCause.java, enabling a local attacker with filesystem access to obtain GitHub credentials. The issue is confirmed across NVD and multiple security trackers. Impact is exposure of credentials...

CVE-2017-1000143

Affected software: Mahara. Vulnerable versions include 1.8 before 1.8.7, 1.9 before 1.9.5, 1.10 before 1.10.3, and 15.04 before 15.04.0. Issue: users can receive watchlist notifications about pages they no longer have access to, exposing access-restricted content. Root cause not detailed in provi...

CVE-2016-1000143

Reflected XSS in wordpress plugin photoxhibit v2.1.8...

CVE-2016-1000143

Reflected XSS in wordpress plugin photoxhibit v2.1.8...

CVE-2016-1000143

Reflected XSS in wordpress plugin photoxhibit v2.1.8...

CVE-2016-1000143

WordPress Photoxhibit 2.1.8 contains a reflected cross-site scripting vulnerability. The Nuclei template confirms the issue affects the Photoxhibit plugin for WordPress and describes an attacker-in-the-browser script execution in the context of the affected site, enabling potential cookie-based c...