Browser Back Button - Moderately critical - Cross site scripting - SA-CONTRIB-2024-072

This module provides a block that renders a link providing the functionality of a browser's back button. The module does not sufficiently escape text entered by an administrator, resulting in a cross scripting vulnerability. This vulnerability is mitigated by the fact that an attacker must have a...

Drupal Browser Back Button module 1.0.0-2.0.1 - Authenticated Cross Site Scripting (XSS) vulnerability

Authenticated Cross Site Scripting XSS vulnerability discovered by Patrick Fey in WordPress Module Browser Back Button versions 1.0.0-2.0.1...

PT-2024-10135 · Drupal · Drupal Browser Back Button

Name of the Vulnerable Software and Affected Versions: Drupal Browser Back Button versions 1.0.0 through 2.0.2 Description: The issue is related to improper neutralization of input during web page generation, which allows Cross-Site Scripting XSS. This can enable a remote attacker to conduct...

CVE-2024-35643

Cross Site Scripting XSS vulnerability in Xabier Miranda WP Back Button allows Stored XSS.This issue affects WP Back Button: from n/a through 1.1.3...

CVE-2024-35643 WordPress WP Back Button plugin <= 1.1.3 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability in Xabier Miranda WP Back Button allows Stored XSS.This issue affects WP Back Button: from n/a through 1.1.3...

PT-2024-26590 · WordPress · Xabier Miranda Wp Back Button

Name of the Vulnerable Software and Affected Versions: Xabier Miranda WP Back Button versions 1.1.3 and earlier Description: The issue is a Cross Site Scripting XSS vulnerability, specifically a Stored XSS, in Xabier Miranda WP Back Button. This allows an attacker to inject malicious scripts into...

WordPress WP Back Button plugin <= 1.1.3 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by alfido osdie Patchstack Alliance in WordPress Plugin WP Back Button versions = 1.1.3...

WordPress WP Back Button Plugin <= 1.1.3 is vulnerable to Cross Site Scripting (XSS)

Software WP Back Button Type Plugin Vulnerable versions = 1.1.3 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-35643 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 90452d019b78 Credits alfido osdie Patchstack Alliance Required...

CVE-2023-51399

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPFactory Back Button Widget allows Stored XSS.This issue affects Back Button Widget: from n/a through 1.6.3...

CVE-2023-51399

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPFactory Back Button Widget allows Stored XSS.This issue affects Back Button Widget: from n/a through 1.6.3...

Cross site scripting

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPFactory Back Button Widget allows Stored XSS.This issue affects Back Button Widget: from n/a through 1.6.3...

CVE-2023-51399

The CVE-2023-51399 affects the WordPress WPFactory Back Button Widget plugin (versions ≤ 1.6.3). Root cause: improper neutralization of input during web page generation, enabling Stored XSS. Impact: stored XSS in widget output; PRI/impact as documented (low confidentiality, integrity, availabilit...

CVE-2023-51399 WordPress Back Button Widget Plugin <= 1.6.3 is vulnerable to Cross Site Scripting (XSS)

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPFactory Back Button Widget allows Stored XSS.This issue affects Back Button Widget: from n/a through 1.6.3...

CVE-2023-31292

An issue was discovered in Sesami Cash Point & Transport Optimizer CPTO 6.3.8.6 718, allows local attackers to obtain sensitive information and bypass authentication via "Back Button Refresh" attack...

CVE-2023-31292

An issue was discovered in Sesami Cash Point & Transport Optimizer CPTO 6.3.8.6 718, allows local attackers to obtain sensitive information and bypass authentication via "Back Button Refresh" attack...

Authentication flaw

An issue was discovered in Sesami Cash Point & Transport Optimizer CPTO 6.3.8.6 718, allows local attackers to obtain sensitive information and bypass authentication via "Back Button Refresh" attack...

CVE-2023-31292

An issue was discovered in Sesami Cash Point & Transport Optimizer CPTO 6.3.8.6 718, allows local attackers to obtain sensitive information and bypass authentication via "Back Button Refresh" attack...

CVE-2023-31292

An issue was discovered in Sesami Cash Point & Transport Optimizer CPTO 6.3.8.6 718, allows local attackers to obtain sensitive information and bypass authentication via "Back Button Refresh" attack...

WordPress Plugin Back Button Widget Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

Sesami Cash Point & Transport Optimizer Security Vulnerability

Sesami Cash Point & Transport Optimizer is a solution from Sesami Corporation. A security vulnerability exists in Sesami Cash Point & Transport Optimizer CPTO version 6.3.8.6, which stems from an unknown issue. The vulnerability allows a local attacker to obtain sensitive information and bypass...