EUVD-2024-34302

Malicious code in bioql PyPI...

CVE-2024-11905 Animated Counters <= 2.0 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Animated Counters plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'animatedcounte' shortcode in all versions up to, and including, 2.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

CVE-2024-11905

CVE-2024-11905 – The Animated Counters plugin for WordPress is vulnerable to a Stored XSS via the plugin’s 'animatedcounte' shortcode in all versions up to 2.0 due to insufficient input sanitization and output escaping on user-supplied attributes. This requires an attacker with at least Contribut...

WordPress Animated Counters plugin <= 2.0 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by theviper17y in WordPress Plugin Animated Counters versions = 2.0...

WordPress plugin Animated Counters 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

PT-2024-17338 · WordPress · Animated Counters

Name of the Vulnerable Software and Affected Versions: Animated Counters plugin for WordPress versions up to, and including, 2.0 Description: The Animated Counters plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'animatedcounte' shortcode due to insufficient inp...

Animated Counters < 1.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

Description The Animated Counters plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in all versions up to, and including, 1.7 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticate...

CVE-2023-5774

The Animated Counters plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in all versions up to, and including, 1.7 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers...

CVE-2023-5774

CVE-2023-5774 affects the WordPress plugin Animated Counters (versions ≤ 1.7). The vulnerability is a stored XSS via shortcode attributes caused by insufficient input sanitization and output escaping. Exploitation requires authenticated access at Contributor level or higher , and an attacker can ...

CVE-2023-5774 Animated Counters <= 1.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

The Animated Counters plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in all versions up to, and including, 1.7 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers...

WordPress Plugin Animated Counters Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

PT-2023-32316 · WordPress · Animated Counters

Name of the Vulnerable Software and Affected Versions: Animated Counters plugin for WordPress versions up to, and including, 1.7 Description: The issue is related to Stored Cross-Site Scripting via the plugin's shortcodes due to insufficient input sanitization and output escaping on user-supplied...

WordPress Animated Counters Plugin <= 1.7 is vulnerable to Cross Site Scripting (XSS)

Software Animated Counters Type Plugin Vulnerable versions = 1.7 Fixed in 1.8 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-5774 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID cc65954492ea Credits Dmitrii Ignatyev Required...