Lucene search
K

63 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 9:50 a.m.6 views

CVE-2024-7388

The WP Bannerize Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via banner alt data in all versions up to, and including, 1.9.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with editor-level permissions and...

4CVSS5.8AI score0.00246EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:14 a.m.10 views

CVE-2023-41663

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Giovambattista Fazioli WP Bannerize Pro plugin = 1.6.9 versions...

7.1CVSS5.9AI score0.00331EPSS
Exploits0References1
NVD
NVD
added 2024/08/13 3:15 a.m.24 views

CVE-2024-7388

The WP Bannerize Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via banner alt data in all versions up to, and including, 1.9.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with editor-level permissions and...

4CVSS0.00246EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/08/13 1:59 a.m.22 views

CVE-2024-7388 WP Bannerize Pro <= 1.9.0 - Authenticated (Editor+) Stored Cross-Site Scripting

The WP Bannerize Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via banner alt data in all versions up to, and including, 1.9.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with editor-level permissions and...

4CVSS0.00246EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/08/13 12:0 a.m.4 views

WordPress plugin WP Bannerize Pro 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A security...

4CVSS5.9AI score0.00246EPSS
Exploits0References3
Patchstack
Patchstack
added 2024/08/12 1:11 p.m.6 views

WordPress WP Bannerize Pro plugin <= 1.9.0 - Authenticated (Editor+) Stored Cross-Site Scripting vulnerability

Authenticated Editor+ Stored Cross-Site Scripting vulnerability discovered by Nguyễn Trung Kiên in WordPress Plugin WP Bannerize Pro versions = 1.9.0...

4CVSS5.7AI score0.00246EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2024/08/12 12:0 a.m.7 views

PT-2024-38316 · WordPress · Wp Bannerize Pro

Name of the Vulnerable Software and Affected Versions: WP Bannerize Pro plugin for WordPress versions up to, and including, 1.9.0 Description: The issue is related to Stored Cross-Site Scripting via banner alt data due to insufficient input sanitization and output escaping. This allows...

4CVSS5.9AI score0.00246EPSS
Exploits0References7
Patchstack
Patchstack
added 2024/08/12 12:0 a.m.12 views

WordPress WP Bannerize Pro Plugin <= 1.9.0 is vulnerable to Cross Site Scripting (XSS)

Software WP Bannerize Pro Type Plugin Vulnerable versions = 1.9.0 Fixed in 1.9.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-7388 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID e13c4b78a18d Credits Nguyễn Trung Kiên...

4CVSS5.8AI score0.00246EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2023/09/29 2:15 p.m.28 views

CVE-2023-41663

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Giovambattista Fazioli WP Bannerize Pro plugin = 1.6.9 versions...

7.1CVSS6.2AI score0.00331EPSS
Exploits0References1
OSV
OSV
added 2023/09/29 2:15 p.m.3 views

CVE-2023-41663

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Giovambattista Fazioli WP Bannerize Pro plugin = 1.6.9 versions...

6.1CVSS7.3AI score0.00331EPSS
Exploits0References1
CVE
CVE
added 2023/09/29 1:43 p.m.65 views

CVE-2023-41663

CVE-2023-41663 – WordPress WP Bannerize Pro : Unauthenticated reflected Cross-Site Scripting (XSS) in Giovambattista Fazioli WP Bannerize Pro plugin versions

7.1CVSS6.1AI score0.00331EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/09/29 1:43 p.m.10 views

CVE-2023-41663 WordPress WP Bannerize Pro Plugin <= 1.6.9 is vulnerable to Cross Site Scripting (XSS)

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Giovambattista Fazioli WP Bannerize Pro plugin = 1.6.9 versions...

7.1CVSS6.2AI score0.00331EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2023/09/29 12:0 a.m.15 views

WP Bannerize Pro <= 1.6.9 - Reflected XSS

Description The plugin does not sanitise and escape some parameters before outputting them back in the page, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

7.1CVSS5.7AI score0.00331EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/09/29 12:0 a.m.6 views

WordPress Plugin WP Bannerize Pro Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

7.1CVSS6AI score0.00331EPSS
Exploits0References2
Patchstack
Patchstack
added 2023/09/01 12:0 a.m.15 views

WordPress WP Bannerize Pro Plugin <= 1.6.9 is vulnerable to Cross Site Scripting (XSS)

Software WP Bannerize Pro Type Plugin Vulnerable versions = 1.6.9 Fixed in 1.7.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-41663 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 77839e376c07 Credits thiennv Required...

7.1CVSS5.6AI score0.00331EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2021/10/06 4:15 p.m.3 views

CVE-2021-39351

The WP Bannerize WordPress plugin is vulnerable to authenticated SQL injection via the id parameter found in the /Classes/wpBannerizeAdmin.php file which allows attackers to exfiltrate sensitive information from vulnerable sites. This issue affects versions 2.0.0 - 4.0.2...

6.5CVSS5.8AI score0.01096EPSS
Exploits0References2
NVD
NVD
added 2021/10/06 4:15 p.m.22 views

CVE-2021-39351

The WP Bannerize WordPress plugin is vulnerable to authenticated SQL injection via the id parameter found in the /Classes/wpBannerizeAdmin.php file which allows attackers to exfiltrate sensitive information from vulnerable sites. This issue affects versions 2.0.0 - 4.0.2...

7.7CVSS0.01096EPSS
Exploits0References2
Prion
Prion
added 2021/10/06 4:15 p.m.15 views

Sql injection

The WP Bannerize WordPress plugin is vulnerable to authenticated SQL injection via the id parameter found in the /Classes/wpBannerizeAdmin.php file which allows attackers to exfiltrate sensitive information from vulnerable sites. This issue affects versions 2.0.0 - 4.0.2...

4CVSS6.6AI score0.01096EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2021/10/06 3:22 p.m.7 views

CVE-2021-39351 WP Bannerize 2.0.0 - 4.0.2 - Authenticated SQL Injection

The WP Bannerize WordPress plugin is vulnerable to authenticated SQL injection via the id parameter found in the /Classes/wpBannerizeAdmin.php file which allows attackers to exfiltrate sensitive information from vulnerable sites. This issue affects versions 2.0.0 - 4.0.2...

6.7AI score0.01096EPSS
Exploits0References2
Cvelist
Cvelist
added 2021/10/06 3:22 p.m.33 views

CVE-2021-39351 WP Bannerize 2.0.0 - 4.0.2 - Authenticated SQL Injection

The WP Bannerize WordPress plugin is vulnerable to authenticated SQL injection via the id parameter found in the /Classes/wpBannerizeAdmin.php file which allows attackers to exfiltrate sensitive information from vulnerable sites. This issue affects versions 2.0.0 - 4.0.2...

6.9AI score0.01096EPSS
Exploits0References2
Rows per page
Query Builder