11 matches found
CVE-2026-3239
The Strong Testimonials plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's testimonial_view shortcode in all versions up to, and including, 3.2.21 due to insufficient input sanitization and output escaping on user-supplied attributes. This makes it possible for...
CVE-2026-3239
CVE-2026-3239 concerns the WordPress plugin Strong Testimonials. All versions up to and including 3.2.21 are affected by a Stored Cross-Site Scripting (Stored XSS) via the plugin’s testimonial_view shortcode, caused by insufficient input sanitization and output escaping on user-supplied attribute...
WordPress plugin WP Courses LMS security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability...
WordPress plugin Robo Gallery cross-site scripting vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting...
WordPress Photo Gallery, Images, Slider in Rbs Image Gallery plugin <= 3.2.21 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting (XSS) vulnerability discovered by Robert DeVore (Patchstack Alliance) in WordPress Plugin Robo Gallery (versions <= 3.2.21)...
WordPress Robo Gallery plugin <= 3.2.21 - Missing Authorization to Authenticated (Subscriber+) Private Gallery Title Disclosure vulnerability
Missing Authorization to Authenticated (Subscriber+) Private Gallery Title Disclosure vulnerability discovered by Trương Hữu Phúc (truonghuuphuc) in WordPress Plugin Robo Gallery (versions <= 3.2.21)...
WordPress Robo Gallery Plugin <= 3.2.21 is vulnerable to Broken Access Control
Software: Robo Gallery; Type: Plugin; Vulnerable versions: <= 3.2.21; Fixed in: 3.2.22; OWASP Top 10: A5: Broken Access Control; Classification: Broken Access Control; CVE: CVE-2024-8431; Patch priority: Low; CVSS severity: Low (4.3); PSID: 241f632267e8; Credits: Trương Hữu Phúc (truonghuuphuc)...
Django < 3.2.21, 4.1.x < 4.1.11, 4.2.x < 4.2.5 DoS Vulnerability - Windows
Django is prone to a denial of service (DoS) vulnerability in django.utils.encoding.uri_to_iri. SPDX-FileCopyrightText: 2023 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE...
admin-tool-button (>=1.0.1a0 <=1.0.5a0), aedttest (=0.0.2) +125 more potentially affected by CVE-2023-43665 via django (>=3.2.0 <=3.2.21)
django PYPI version =3.2.0, =1.0.1a0, =2.0.0, =0.0.1, =1.0.6, =6.2.0, =0.2.0, =0.1.0, =21.1.1, =21.1.0, =22.0.0.dev13, =22.0.0.dev14 and more Source cves: CVE-2023-43665 Source advisory: OSV:PYSEC-2023-226...
PYSEC-2023-225
In Django 3.2 before 3.2.21, 4.1 before 4.1.11, and 4.2 before 4.2.5, django.utils.encoding.uri_to_iri is subject to a potential DoS (denial of service) attack via certain inputs with a very large number of Unicode characters...
UBUNTU-CVE-2023-41164
In Django 3.2 before 3.2.21, 4.1 before 4.1.11, and 4.2 before 4.2.5, django.utils.encoding.uri_to_iri is subject to a potential DoS (denial of service) attack via certain inputs with a very large number of Unicode characters...