36 matches found
WordPress plugin Borderless 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting vulnerabili...
CVE-2024-4666
The Borderless – Widgets, Elements, Templates and Toolkit for Elementor & Gutenberg plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple widgets in all versions up to, and including, 1.5.3 due to insufficient input sanitization and output escaping on user supplied...
CVE-2024-4666 Borderless - Widgets, Elements, Templates and Toolkit for Elementor & Gutenberg <= 1.5.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets
The Borderless – Widgets, Elements, Templates and Toolkit for Elementor & Gutenberg plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple widgets in all versions up to, and including, 1.5.3 due to insufficient input sanitization and output escaping on user supplied...
CVE-2024-4666 Borderless - Widgets, Elements, Templates and Toolkit for Elementor & Gutenberg <= 1.5.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets
The Borderless – Widgets, Elements, Templates and Toolkit for Elementor & Gutenberg plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple widgets in all versions up to, and including, 1.5.3 due to insufficient input sanitization and output escaping on user supplied...
WordPress Borderless plugin <= 1.7.5 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Abu Hurayra in WordPress Plugin Borderless versions = 1.7.3...
WordPress Borderless plugin <= 1.5.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via Multiple Widgets vulnerability discovered by stealthcopter in WordPress Plugin Borderless versions = 1.5.3...
WordPress Borderless Plugin <= 1.5.3 is vulnerable to Cross Site Scripting (XSS)
Software Borderless Type Plugin Vulnerable versions = 1.5.3 Fixed in 1.5.4 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-4666 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID d9fe795f805d Credits stealthcopter Required...
WordPress Borderless Plugin <= 1.5.7 is vulnerable to Cross Site Scripting (XSS)
Software Borderless Type Plugin Vulnerable versions = 1.5.7 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-34757 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 6690481ece90 Credits Khalid Yusuf Required privilege Contributor...
WordPress plugin Borderless 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...
Borderless < 1.4.9 - Admin+ Stored XSS
Description The plugin does not validate and escape some parameters, which could allow users with the admin role and above to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
CVE-2023-38518 WordPress Borderless Plugin <= 1.4.8 is vulnerable to Cross Site Scripting (XSS)
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Visualmodo Borderless plugin = 1.4.8 versions...
CVE-2023-38518 WordPress Borderless Plugin <= 1.4.8 is vulnerable to Cross Site Scripting (XSS)
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Visualmodo Borderless plugin = 1.4.8 versions...
CVE-2023-38518
CVE-2023-38518 concerns the WordPress plugin Borderless by Visualmodo, affected versions are ≤ 1.4.8. The vulnerability is described as an authenticated (admin+) Stored Cross-Site Scripting (XSS) flaw, allowing an attacker with admin+ privileges to inject scripts that execute in other users’ sess...
PT-2023-26495 · Visualmodo · Visualmodo Borderless Plugin
Name of the Vulnerable Software and Affected Versions: Visualmodo Borderless plugin versions = 1.4.8 Description: The issue is related to an Authenticated Stored Cross-Site Scripting XSS vulnerability. This means that an attacker with admin+ privileges can inject malicious scripts into the...
WordPress plugin Borderless cross-site scripting vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerability...
WordPress Borderless Plugin <= 1.4.8 is vulnerable to Cross Site Scripting (XSS)
Software Borderless Type Plugin Vulnerable versions = 1.4.8 Fixed in 1.4.9 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-38518 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID c49a317f00bf Credits Rio Darmawan Required...