
3642 matches found

OSV
added 2024/02/19 2:15 a.m., 1 views

DEBIAN-CVE-2020-36774

plugins/gtk+/glade-gtk-box.c in GNOME Glade before 3.38.1 and 3.39.x before 3.40.0 mishandles widget rebuilding for GladeGtkBox, leading to a denial of service application crash...

5.5 CVSS, 5.2 AI score, 0.00214 EPSS
Exploits 0, References 1

CNNVD
added 2024/02/18 12:0 a.m., 2 views

Huawei EMUI Security Vulnerability

Huawei HarmonyOS is an operating system from Huawei, a Chinese company. It provides a full-scenario distributed operating system based on a microkernel. Huawei EMUI is a user interface developed by Huawei based on the Android operating system. A privilege checking type vulnerability exists in the...

7.5 CVSS, 6.7 AI score, 0.00319 EPSS
Exploits 0, References 3

NVD
added 2024/02/12 4:15 p.m., 12 views

CVE-2023-6591

The Popup Box WordPress plugin before 20.9.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed...

4.8 CVSS, 5.6 AI score, 0.0048 EPSS
Exploits 3, References 1

OSV
added 2024/02/12 4:15 p.m., 4 views

CVE-2023-6591

The Popup Box WordPress plugin before 20.9.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed...

4.8 CVSS, 5.8 AI score, 0.0048 EPSS
Exploits 3, References 1

Vulnrichment
added 2024/02/12 4:6 p.m., 7 views

CVE-2023-6591 Popup Box Pro < 20.9.0 - Admin+ Stored XSS

The Popup Box WordPress plugin before 20.9.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed...

5.6 AI score, 0.0048 EPSS
Exploits 3, References 1

Cvelist
added 2024/02/12 4:6 p.m., 19 views

CVE-2023-6591 Popup Box Pro < 20.9.0 - Admin+ Stored XSS

The Popup Box WordPress plugin before 20.9.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed...

5.8 AI score, 0.0048 EPSS
Exploits 3, References 1

CVE
added 2024/02/12 4:6 p.m., 81 views

CVE-2023-6591

CVE-2023-6591 affects the Popup Box WordPress plugin (before 20.9.0). The issue is due to inadequate sanitization/escaping of settings, enabling stored XSS that could be executed by high-privilege users (e.g., admins) even when unfiltered_html is disallowed. Connected sources describe admin+ stor...

4.8 CVSS, 5.8 AI score, 0.0048 EPSS
Exploits 3, References 1, Affected Software 1

Positive Technologies
added 2024/02/12 12:0 a.m., 3 views

PT-2024-15016 · WordPress · Popup Box

Name of the Vulnerable Software and Affected Versions: Popup Box WordPress plugin versions prior to 20.9.0 Description: The issue allows high privilege users, such as admins, to perform Cross-Site Scripting attacks even when unfiltered html is disallowed, due to the plugin not sanitizing and...

4.8 CVSS, 6.3 AI score, 0.0048 EPSS
Exploits 3, References 8

CNNVD
added 2024/02/12 12:0 a.m., 2 views

WordPress Plugin Popup Box Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers. WordPress plugin is an application...

4.8 CVSS, 5.8 AI score, 0.0048 EPSS
Exploits 3, References 2

Positive Technologies
added 2024/02/12 12:0 a.m., 4 views

PT-2024-20221 · Jenkins · Jenkins

Name of the Vulnerable Software and Affected Versions: Jenkins affected versions not specified Description: A new vulnerability in Jenkins is showcased in a non-competitive box on Hack The Box. The issue is demonstrated through a guided mode challenge, which is available for free. Recommendations...

6.4 AI score
Exploits 0, References 1

Positive Technologies
added 2024/02/07 12:0 a.m., 4 views

PT-2024-3147 · WordPress · Jeg Elementor Kit

Name of the Vulnerable Software and Affected Versions: Jeg Elementor Kit plugin for WordPress versions up to, and including, 2.6.3 Description: The issue is related to Stored Cross-Site Scripting via the plugin's image box widget due to insufficient input sanitization and output escaping. This...

6.4 CVSS, 8 AI score, 0.0032 EPSS
Exploits 0, References 9

Patchstack
added 2024/02/06 12:0 a.m., 7 views

WordPress Meta Box – WordPress Custom Fields Framework Plugin <= 5.9.2 is vulnerable to Cross Site Scripting (XSS)

Software: Meta Box – WordPress Custom Fields Framework; Type: Plugin; Vulnerable versions: <= 5.9.2; Fixed in: 5.9.3; OWASP Top 10: A7: Cross-Site Scripting (XSS); Classification: Cross Site Scripting (XSS); CVE: CVE-2023-6526; Patch priority: Low; CVSS severity: Low 6.5; PSID: 03fafb4798e5...

6.4 CVSS, 5.8 AI score, 0.00416 EPSS
Exploits 0, References 3, Affected Software 1

NVD
added 2024/02/05 10:15 p.m., 18 views

CVE-2023-6526

The Meta Box – WordPress Custom Fields Framework plugin for WordPress is vulnerable to Stored Cross-Site Scripting via custom post meta values displayed through the plugin's shortcode in all versions up to, and including, 5.9.2 due to insufficient input sanitization and output escaping. This make...

6.4 CVSS, 5.7 AI score, 0.00416 EPSS
Exploits 0, References 2

OSV
added 2024/02/05 10:15 p.m., 2 views

CVE-2023-6526

The Meta Box – WordPress Custom Fields Framework plugin for WordPress is vulnerable to Stored Cross-Site Scripting via custom post meta values displayed through the plugin's shortcode in all versions up to, and including, 5.9.2 due to insufficient input sanitization and output escaping. This make...

5.4 CVSS, 5.9 AI score, 0.00416 EPSS
Exploits 0, References 2

Prion
added 2024/02/05 10:15 p.m., 13 views

Cross site scripting

The Meta Box – WordPress Custom Fields Framework plugin for WordPress is vulnerable to Stored Cross-Site Scripting via custom post meta values displayed through the plugin's shortcode in all versions up to, and including, 5.9.2 due to insufficient input sanitization and output escaping. This make...

4.9 CVSS, 6.1 AI score, 0.00416 EPSS
Exploits 0, References 2, Affected Software 1

Vulnrichment
added 2024/02/05 9:21 p.m., 9 views

CVE-2023-6526

The Meta Box – WordPress Custom Fields Framework plugin for WordPress is vulnerable to Stored Cross-Site Scripting via custom post meta values displayed through the plugin's shortcode in all versions up to, and including, 5.9.2 due to insufficient input sanitization and output escaping. This make...

6.4 CVSS, 5.8 AI score, 0.00416 EPSS
Exploits 0, References 2

CVE
added 2024/02/05 9:21 p.m., 69 views

CVE-2023-6526

CVE-2023-6526 affects the WordPress plugin Meta Box – WordPress Custom Fields Framework. The vulnerability is a Stored Cross-Site Scripting (XSS) via custom post meta values rendered by the plugin’s shortcode, present in all versions up to and including 5.9.2. The root cause is insufficient inpu...

6.4 CVSS, 5.6 AI score, 0.00416 EPSS
Exploits 0, References 2, Affected Software 1

Openbugbounty
added 2024/02/05 11:31 a.m., 14 views

coloradoboxoffice.com Cross Site Scripting vulnerability OBB-3849056

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2 AI score
Exploits 0

OSV
added 2024/02/05 7:15 a.m., 1 views

CVE-2024-24865

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Noah Kagan Scroll Triggered Box allows Stored XSS. This issue affects Scroll Triggered Box: from n/a through 2.3...

5.4 CVSS, 7.3 AI score, 0.00328 EPSS
Exploits 0, References 1

Prion
added 2024/02/05 7:15 a.m., 15 views

Cross site scripting

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Noah Kagan Scroll Triggered Box allows Stored XSS. This issue affects Scroll Triggered Box: from n/a through 2.3...

4.9 CVSS, 7 AI score, 0.00328 EPSS
Exploits 0, References 1, Affected Software 1