63 matches found
CVE-2024-7388
The WP Bannerize Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via banner alt data in all versions up to, and including, 1.9.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with editor-level permissions and...
CVE-2023-41663
Unauth. Reflected Cross-Site Scripting XSS vulnerability in Giovambattista Fazioli WP Bannerize Pro plugin = 1.6.9 versions...
CVE-2024-7388
The WP Bannerize Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via banner alt data in all versions up to, and including, 1.9.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with editor-level permissions and...
CVE-2024-7388 WP Bannerize Pro <= 1.9.0 - Authenticated (Editor+) Stored Cross-Site Scripting
The WP Bannerize Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via banner alt data in all versions up to, and including, 1.9.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with editor-level permissions and...
WordPress plugin WP Bannerize Pro 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A security...
WordPress WP Bannerize Pro plugin <= 1.9.0 - Authenticated (Editor+) Stored Cross-Site Scripting vulnerability
Authenticated Editor+ Stored Cross-Site Scripting vulnerability discovered by Nguyễn Trung Kiên in WordPress Plugin WP Bannerize Pro versions = 1.9.0...
PT-2024-38316 · WordPress · Wp Bannerize Pro
Name of the Vulnerable Software and Affected Versions: WP Bannerize Pro plugin for WordPress versions up to, and including, 1.9.0 Description: The issue is related to Stored Cross-Site Scripting via banner alt data due to insufficient input sanitization and output escaping. This allows...
WordPress WP Bannerize Pro Plugin <= 1.9.0 is vulnerable to Cross Site Scripting (XSS)
Software WP Bannerize Pro Type Plugin Vulnerable versions = 1.9.0 Fixed in 1.9.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-7388 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID e13c4b78a18d Credits Nguyễn Trung Kiên...
CVE-2023-41663
Unauth. Reflected Cross-Site Scripting XSS vulnerability in Giovambattista Fazioli WP Bannerize Pro plugin = 1.6.9 versions...
CVE-2023-41663
Unauth. Reflected Cross-Site Scripting XSS vulnerability in Giovambattista Fazioli WP Bannerize Pro plugin = 1.6.9 versions...
CVE-2023-41663
CVE-2023-41663 – WordPress WP Bannerize Pro : Unauthenticated reflected Cross-Site Scripting (XSS) in Giovambattista Fazioli WP Bannerize Pro plugin versions
CVE-2023-41663 WordPress WP Bannerize Pro Plugin <= 1.6.9 is vulnerable to Cross Site Scripting (XSS)
Unauth. Reflected Cross-Site Scripting XSS vulnerability in Giovambattista Fazioli WP Bannerize Pro plugin = 1.6.9 versions...
WP Bannerize Pro <= 1.6.9 - Reflected XSS
Description The plugin does not sanitise and escape some parameters before outputting them back in the page, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
WordPress Plugin WP Bannerize Pro Cross-Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
WordPress WP Bannerize Pro Plugin <= 1.6.9 is vulnerable to Cross Site Scripting (XSS)
Software WP Bannerize Pro Type Plugin Vulnerable versions = 1.6.9 Fixed in 1.7.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-41663 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 77839e376c07 Credits thiennv Required...
CVE-2021-39351
The WP Bannerize WordPress plugin is vulnerable to authenticated SQL injection via the id parameter found in the /Classes/wpBannerizeAdmin.php file which allows attackers to exfiltrate sensitive information from vulnerable sites. This issue affects versions 2.0.0 - 4.0.2...
CVE-2021-39351
The WP Bannerize WordPress plugin is vulnerable to authenticated SQL injection via the id parameter found in the /Classes/wpBannerizeAdmin.php file which allows attackers to exfiltrate sensitive information from vulnerable sites. This issue affects versions 2.0.0 - 4.0.2...
Sql injection
The WP Bannerize WordPress plugin is vulnerable to authenticated SQL injection via the id parameter found in the /Classes/wpBannerizeAdmin.php file which allows attackers to exfiltrate sensitive information from vulnerable sites. This issue affects versions 2.0.0 - 4.0.2...
CVE-2021-39351 WP Bannerize 2.0.0 - 4.0.2 - Authenticated SQL Injection
The WP Bannerize WordPress plugin is vulnerable to authenticated SQL injection via the id parameter found in the /Classes/wpBannerizeAdmin.php file which allows attackers to exfiltrate sensitive information from vulnerable sites. This issue affects versions 2.0.0 - 4.0.2...
CVE-2021-39351 WP Bannerize 2.0.0 - 4.0.2 - Authenticated SQL Injection
The WP Bannerize WordPress plugin is vulnerable to authenticated SQL injection via the id parameter found in the /Classes/wpBannerizeAdmin.php file which allows attackers to exfiltrate sensitive information from vulnerable sites. This issue affects versions 2.0.0 - 4.0.2...