EUVD-2018-13538

Malware in sbrugna...

CVE-2018-21014

The buddyboss-media plugin through 3.2.3 for WordPress has stored XSS...

WordPress buddyboss-media plugin cross-site scripting vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. buddyboss-media is a BuddyBoss Media Library plugin used in it. A cross-site scripting vulnerability exists in the WordPress...

CVE-2018-21014

The buddyboss-media plugin through 3.2.3 for WordPress has stored XSS...

Cross site scripting

The buddyboss-media plugin through 3.2.3 for WordPress has stored XSS...

CVE-2018-21014

The CVE-2018-21014 entry concerns the WordPress plugin BuddyBoss Media (plugin version up to 3.2.3). The connected sources confirm a Stored Cross‑Site Scripting (XSS) vulnerability in this plugin, which can affect WordPress sites using BuddyBoss Media. The NVD entry describes the vulnerability as...

CVE-2018-21014

The buddyboss-media plugin through 3.2.3 for WordPress has stored XSS...

WordPress BuddyBoss Media plugin <=3.2.3 - Stored Cross-Site Scripting (XSS) vulnerability

Stored Cross-Site Scripting XSS vulnerability found by ozzy in WordPress BuddyBoss Media plugin versions =3.2.3. Solution 1/22/2018 - no public information or changelog available, we can't confirm that vulnerability is patched...

BuddyBoss Media <= 3.2.3 - Stored XSS

The album description does not perform input / output validation. According to the researcher: No reply from vendor. Issue not patched. Vulnerability can be exploited by any user. Form not vulnerable to CSRF. PoC '"...

BuddyBoss Media <= 3.2.3 - Stored XSS

The album description does not perform input / output validation. According to the researcher: No reply from vendor. Issue not patched. Vulnerability can be exploited by any user. Form not vulnerable to CSRF. '"alert"test";...