23 matches found
PT-2024-17249 · WordPress · Particle Background
Name of the Vulnerable Software and Affected Versions: Particle Background plugin for WordPress versions up to, and including, 1.0.2 Description: The Particle Background plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'particleground' shortcode due to insufficie...
CVE-2022-4652 Video Background < 2.7.5 - Contributor+ Stored XSS via Shortcode
The Video Background WordPress plugin before 2.7.5 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...
PT-2023-14954 · WordPress · Video Background
Name of the Vulnerable Software and Affected Versions: Video Background WordPress plugin versions prior to 2.7.5 Description: The issue concerns the Video Background WordPress plugin, which does not properly validate and escape certain shortcode attributes. This could allow users with the...