Norway Probes Major Cyberattack on 12 Government Ministries

By Habiba Rashid The cyberattack was discovered earlier this month. This is a post from HackRead.com Read the original post: Norway Probes Major Cyberattack on 12 Government Ministries...

CVE-2023-3856

A vulnerability, which was classified as problematic, has been found in phpscriptpoint Ecommerce 1.15. Affected by this issue is some unknown functionality of the file /blog-single.php. The manipulation of the argument slug leads to cross site scripting. The attack may be launched remotely. The...

Cross site scripting

A vulnerability, which was classified as problematic, has been found in phpscriptpoint Ecommerce 1.15. Affected by this issue is some unknown functionality of the file /blog-single.php. The manipulation of the argument slug leads to cross site scripting. The attack may be launched remotely. The...

CVE-2023-3856 phpscriptpoint Ecommerce blog-single.php cross site scripting

A vulnerability, which was classified as problematic, has been found in phpscriptpoint Ecommerce 1.15. Affected by this issue is some unknown functionality of the file /blog-single.php. The manipulation of the argument slug leads to cross site scripting. The attack may be launched remotely. The...

Ecommerce 跨站脚本漏洞

Ecommerce is a website builder from the phpscriptpoint team. A cross-site scripting vulnerability exists in Ecommerce version 1.15, which stems from a cross-site scripting XSS vulnerability in the slug parameter of blog-single.php...

PT-2023-26511 · Unknown · Phpscriptpoint Ecommerce

Name of the Vulnerable Software and Affected Versions: phpscriptpoint Ecommerce version 1.15 Description: A problematic issue has been found in the software, affecting some unknown functionality of the file /blog-single.php. The manipulation of the slug argument leads to cross-site scripting. The...

WordPress WP Tools Divi Blog Carousel Plugin <= 1.3.0 is vulnerable to Cross Site Scripting (XSS)

Software WP Tools Divi Blog Carousel Type Plugin Vulnerable versions = 1.3.0 Fixed in 1.3.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 8fda70168d77 Credits Rafie Muhammad Patchstac...

WordPress WP-CopyProtect [Protect your blog posts] Plugin <= 3.1.0 is vulnerable to Cross Site Request Forgery (CSRF)

Software WP-CopyProtect Protect your blog posts Type Plugin Vulnerable versions = 3.1.0 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-25025 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 483e3127703e Credit...

WordPress BlogPost - BlogPost Widgets - Amazing Blog Layouts Plugin <= 1.1 is vulnerable to Cross Site Scripting (XSS)

Software BlogPost - BlogPost Widgets - Amazing Blog Layouts Type Plugin Vulnerable versions = 1.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 694940615fc3 Credits Rafie...

WordPress Blog Sidebar Widget Plugin <= 1.0.6 is vulnerable to Cross Site Scripting (XSS)

Software Blog Sidebar Widget Type Plugin Vulnerable versions = 1.0.6 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 7ae8bbf8a06a Credits Rafie Muhammad Patchstack...

WordPress Roven Blog Theme <= 1.0.3 is vulnerable to Cross Site Scripting (XSS)

Software Roven Blog Type Theme Vulnerable versions = 1.0.3 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID f92c1f62e673 Credits Rafie Muhammad Patchstack Required...

WordPress Print My Blog Plugin < 3.25.2 is vulnerable to Cross Site Scripting (XSS)

Software Print My Blog Type Plugin Vulnerable versions 3.25.2 Fixed in 3.25.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Michael Nelson PSID 0cee933b5bb7 Credits Rafie Muhammad Patchstack Required...

WordPress Bootstrap Blog Theme < 10.2.3 is vulnerable to Cross Site Scripting (XSS)

Software Bootstrap Blog Type Theme Vulnerable versions 10.2.3 Fixed in 10.2.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 930f23955c14 Credits Rafie Muhammad Patchstack Required...

WordPress ConeBlog – WordPress Blog Widgets Plugin <= 1.4.7 is vulnerable to Cross Site Scripting (XSS)

Software ConeBlog – WordPress Blog Widgets Type Plugin Vulnerable versions = 1.4.7 Fixed in 1.4.8 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer WP Cone PSID 46d2d31b4e72 Credits Rafie Muhammad...

WordPress Full Page Blog Designer Plugin <= 1.0.2 is vulnerable to Cross Site Scripting (XSS)

Software Full Page Blog Designer Type Plugin Vulnerable versions = 1.0.2 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID ac6f41a33fc8 Credits Rafie Muhammad Patchstack...

WordPress PremiumBlogAddons - Premium Blog Addons - Amazing Blog Layouts Plugin <= 1.0 is vulnerable to Cross Site Scripting (XSS)

Software PremiumBlogAddons - Premium Blog Addons - Amazing Blog Layouts Type Plugin Vulnerable versions = 1.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 80de45e262...

WordPress News & Blog Designer Pack – WordPress Blog Plugin Plugin < 3.4.1 is vulnerable to Cross Site Scripting (XSS)

Software News & Blog Designer Pack – WordPress Blog Plugin Type Plugin Vulnerable versions 3.4.1 Fixed in 3.4.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 08b3b2cabf45 Credits...

WordPress G Blog Theme <= 1.0.7 is vulnerable to Cross Site Scripting (XSS)

Software G Blog Type Theme Vulnerable versions = 1.0.7 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID c6d3793144fe Credits Rafie Muhammad Patchstack Required privilege...

WordPress Salzburg Blog Theme <= 1.0.11 is vulnerable to Cross Site Scripting (XSS)

Software Salzburg Blog Type Theme Vulnerable versions = 1.0.11 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 70c5d5b562e1 Credits Rafie Muhammad Patchstack Required...

CVE-2023-35089

Cross-Site Request Forgery CSRF vulnerability in Really Simple Plugins Recipe Maker For Your Food Blog from Zip Recipes plugin = 8.0.7 versions...