MiracleLinux 7 : firefox-115.4.0-1.0.1.el7.AXS7 (AXSA:2023-6556:40)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-6556:40 advisory. Mozilla: Queued up rendering could have allowed websites to clickjack CVE-2023-5721 Mozilla: Memory safety bugs fixed in Firefox 119, Firefox ESR...

MiracleLinux 8 : firefox-115.4.0-1.el8.ML.1 (AXSA:2023-6572:42)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-6572:42 advisory. Mozilla: Queued up rendering could have allowed websites to clickjack CVE-2023-5721 Mozilla: Memory safety bugs fixed in Firefox 119, Firefox ESR...

WordPress Easy Contact Form Lite plugin <= 1.1.28 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Krugov Artyom in WordPress Plugin Easy Contact Form Lite versions = 1.1.28...

CVE-2025-5730

The Contact Form Plugin WordPress plugin before 1.1.29 does not sanitise and escape some of its settings, which could allow high privilege users such as contributor to perform Stored Cross-Site Scripting attacks...

CVE-2025-5730

The Contact Form Plugin WordPress plugin before 1.1.29 does not sanitise and escape some of its settings, which could allow high privilege users such as contributor to perform Stored Cross-Site Scripting attacks...

CVE-2025-5730

CVE-2025-5730 affects the WordPress Contact Form Plugin prior to 1.1.29. The issue is caused by insufficient sanitization/escaping of certain plugin settings, allowing authenticated high-privilege users (e.g., contributors) to perform a Stored Cross-Site Scripting (XSS) attack. The vulnerability ...

CVE-2025-5730 Easy Contact Form Lite < 1.1.29 - Contributor+ Stored XSS

The Contact Form Plugin WordPress plugin before 1.1.29 does not sanitise and escape some of its settings, which could allow high privilege users such as contributor to perform Stored Cross-Site Scripting attacks...

TencentOS Server 3: thunderbird (TSSA-2023:0262)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2023:0262 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

CVE-2024-5730

The Pagerank tools WordPress plugin through 1.1.5 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

Linux Distros Unpatched Vulnerability : CVE-2018-5730

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - MIT krb5 1.6 or later allows an authenticated kadmin with permission to add principals to an LDAP Kerberos database to circumvent a DN containership check by...

WordPress Pagerank Tools Plugin <= 1.1.5 is vulnerable to Cross Site Scripting (XSS)

Software Pagerank Tools Type Plugin Vulnerable versions = 1.1.5 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-5730 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID ed7753fdc52a Credits Bob Matyas Required...

CVE-2024-5730

CVE-2024-5730 affects the Pagerank Tools WordPress plugin (versions up to and including 1.1.5). The issue is a Reflected Cross-Site Scripting where an input parameter is not properly sanitised/escaped before being output on the page, enabling an attacker to exploit it against high-privilege users...

CVE-2024-5730 Pagerank Tools <= 1.1.5 - Reflected XSS

The Pagerank tools WordPress plugin through 1.1.5 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

openSUSE: Security Advisory for MozillaThunderbird (SUSE-SU-2023:4302-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE: Security Advisory for MozillaFirefox (SUSE-SU-2023:4214-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2023:4551-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : MozillaFirefox (SUSE-SU-2023:4551-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4551-1 advisory. - It was possible for certain browser prompts and dialogs to be activated or dismissed...

SUSE-SU-2023:4551-1 Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues: - Firefox Extended Support Release 115.5.0 ESR Placeholder changelog-entry bsc1217230 Fixed: Various security fixes and other quality improvements. MFSA 2023-46 bsc1216338 CVE-2023-5721: Queued up rendering could have allowed websites to...

SUSE SLES15 Security Update : MozillaFirefox (SUSE-SU-2023:4533-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4533-1 advisory. - It was possible for certain browser prompts and dialogs to be activated or dismissed unintentionally by the user due to an...

SUSE SLES12 Security Update : MozillaFirefox (SUSE-SU-2023:4532-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4532-1 advisory. - It was possible for certain browser prompts and dialogs to be activated or dismissed unintentionally by the user due to an...