The vulnerability of the box_add() function in the virtuoso-opensource web application development platform allows a hacker to trigger a service failure.

The vulnerability of the boxadd function in the virtuoso-opensource web application development platform exists due to insufficient validation of input data. Exploiting this vulnerability could allow a malicious actor to cause service failures after executing the SELECT operator...

CVE-2024-30553

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Joby Joseph WP Twitter Mega Fan Box Widget allows Stored XSS.This issue affects WP Twitter Mega Fan Box Widget : from n/a through 1.0...

CVE-2024-30553 WordPress WP Twitter Mega Fan Box Widget plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Joby Joseph WP Twitter Mega Fan Box Widget allows Stored XSS.This issue affects WP Twitter Mega Fan Box Widget : from n/a through 1.0...

CVE-2024-30553

CVE-2024-30553 is a stored XSS in the WP Twitter Mega Fan Box Widget for WordPress. The vulnerability arises from improper input neutralization during web page generation, affecting the WP Twitter Mega Fan Box Widget versions up to 1.0 (older than 1.0). The connected Red Hat advisory confirms the...

CVE-2024-30526 WordPress Easy Social Feed – Social Photos Gallery – Post Feed – Like Box plugin <= 6.5.6 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Easy Social Feed.This issue affects Easy Social Feed: from n/a through 6.5.6...

WordPress Plugin WP Twitter Mega Fan Box Widget 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. WordPress Plugin WP Twitter Mega Fan Box...

WordPress Download Special Box for Content plugin <= 1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Cronus Patchstack Alliance in WordPress Plugin Special Box for Content versions = 1...

WordPress WP Twitter Mega Fan Box Widget plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Cronus Patchstack Alliance in WordPress Plugin WP Twitter Mega Fan Box Widget versions = 1.0...

WordPress WP Twitter Mega Fan Box Widget Plugin <= 1.0 is vulnerable to Cross Site Scripting (XSS)

Software WP Twitter Mega Fan Box Widget Type Plugin Vulnerable versions = 1.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-30553 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 6b9f98b57959 Credits Cronus Required privilege...

WordPress Special Box for Content Plugin <= 1 is vulnerable to Cross Site Scripting (XSS)

Software Special Box for Content Type Plugin Vulnerable versions = 1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-31119 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 3a19676e1313 Credits Cronus Required privilege...

WordPress Plugin Author Box, Guest Author and Co-Authors for Your Posts 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

GHSA-MR24-CF69-5CHQ dcat-admin Cross Site Scripting vulnerability

Cross Site Scripting vulnerability in dcat-admin v.2.1.3 and before allows a remote attacker to execute arbitrary code via a crafted script to the user login box...

dcat-admin Cross Site Scripting vulnerability

Cross Site Scripting vulnerability in dcat-admin v.2.1.3 and before allows a remote attacker to execute arbitrary code via a crafted script to the user login box...

CVE-2024-24799

Missing Authorization vulnerability in WooCommerce WooCommerce Box Office.This issue affects WooCommerce Box Office: from n/a through 1.2.2...

CVE-2024-24799

Missing Authorization vulnerability in WooCommerce WooCommerce Box Office.This issue affects WooCommerce Box Office: from n/a through 1.2.2...

CVE-2024-24799 WordPress WooCommerce Box Office plugin <= 1.2.2 - Broken Access Control vulnerability

Missing Authorization vulnerability in WooCommerce WooCommerce Box Office.This issue affects WooCommerce Box Office: from n/a through 1.2.2...

CVE-2024-24799 WordPress WooCommerce Box Office plugin <= 1.2.2 - Broken Access Control vulnerability

Missing Authorization vulnerability in WooCommerce WooCommerce Box Office.This issue affects WooCommerce Box Office: from n/a through 1.2.2...

CVE-2024-29644

Cross Site Scripting vulnerability in dcat-admin v.2.1.3 and before allows a remote attacker to execute arbitrary code via a crafted script to the user login box...

Dcat Admin 安全漏洞

Dcat Admin is a backend system builder based on the secondary development of laravel-admin by Jiang Qinghua's personal developer. A security vulnerability exists in Dcat Admin v.2.1.3 and earlier versions. The vulnerability can be exploited by remote attackers to execute arbitrary code in the use...

WordPress Plugin WooCommerce Box Office 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...