166 matches found
CVE-2022-4832
The Store Locator WordPress plugin before 1.4.9 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privileg...
Cross site scripting
The Easy Bootstrap Shortcode WordPress plugin through 4.5.4 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against...
Cross site scripting
The Sitemap WordPress plugin before 4.4 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users...
CVE-2022-4474 Easy Social Feed – Social Photos Gallery – Post Feed – Like Box < 6.4.0 - Contributor+ Stored XSS
The Easy Social Feed WordPress plugin before 6.4.0 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high...
CVE-2022-4760 OneClick Chat to Order < 1.0.4.2 - Contributor+ Stored XSS via Shortcode
The OneClick Chat to Order WordPress plugin before 1.0.4.2 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against hi...
uTubeVideo Gallery < 2.0.8 - Contributor+ Stored XSS
The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. PoC utubevideo view='panel' id='"...
Materialis Companion < 1.3.40 - Contributor+ Stored XSS via Shortcode
The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. PoC Required...
CPT Bootstrap Carousel <= 1.12 - Contributor+ Stored XSS via Shortcode
The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. PoC Note: Fir...
Accordion Shortcodes <= 2.4.2 - Contributor+ Stored XSS via Shortcode
The plugin does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack. PoC Exploit shortcode: accordion class='" onmouseover="alert1" style="background:red;width:100px;height:100px;"'...
PixCodes < 2.3.7 - Contributor+ Stored XSS in Shortcode
The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. PoC Exploit...
Easy Accordion < 2.2.0 - Contributor+ Stored XSS
The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. PoC Exploit...
Page Scroll To ID < 1.7.6 - Contributor+ Stored XSS
The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. PoC Put the...
WP Table Reloaded <= 1.9.4 - Contributor+ Stored XSS
The plugin does not validate and escapes some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as a contributor to perform Stored Cross-Site Scripting attacks, which could be used against high privilege users such as admins. PoC Explo...
Huawei HarmonyOS 安全漏洞
Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A security vulnerability exists in Huawei HarmonyOS, which originates from a video playback process anomaly caused by a lack of strict validation of safe...
CVE-2021-24880
The SupportCandy WordPress plugin before 2.2.7 does not validate and escape the page attribute of its shortcode, which could allow users with a role as low as Contributor to perform Cross-Site Scripting attacks...
Cisco IOS XE Software TrustSec Protected Access Credential Provisioning DoS (cisco-sa-20190925-ctspac-dos)
According to its self-reported version, Cisco IOS XE Software is affected by a denial of service vulnerability. This is due to improper validation of attributes in RADIUS messages. An attacker can exploit this vulnerability by a sending malicious RADIUS message whil ethe device is in a specific...
Cisco IOS XE CTS PAC Configuration Denial of Service Vulnerability
Cisco IOS XE is a set of operating systems developed by Cisco for its network devices. A denial of service vulnerability exists in the Cisco TrustSec CTS Protected Access Credentials PAC configuration module of Cisco IOS XE. The vulnerability stems from improper validation of attributes in RADIUS...
CVE-2019-12663
CVE-2019-12663 affects Cisco IOS XE Software, specifically the TrustSec Protected Access Credential (PAC) provisioning module. The root cause is improper validation of attributes in RADIUS messages, which can be exploited by an unauthenticated remote attacker by sending a malicious RADIUS message...
CVE-2019-12663 Cisco IOS XE Software TrustSec Protected Access Credential Provisioning Denial of Service Vulnerability
A vulnerability in the Cisco TrustSec CTS Protected Access Credential PAC provisioning module of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a reload of an affected device, resulting in a denial of service DoS condition. The vulnerability is due to improper...
DEBIAN-CVE-2016-9424
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m doesn't properly validate the value of tag attribute, which allows remote attackers to cause a denial of service heap buffer overflow crash and possibly execute arbitrary code via a crafted HTML page...