WordPress Tracking Code Manager plugin <= 2.1.0 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Abdi Pranata Patchstack Alliance in WordPress Plugin Tracking Code Manager versions = 2.1.0...

WordPress Tracking Code Manager Plugin <= 2.1.0 is vulnerable to Broken Access Control

Software Tracking Code Manager Type Plugin Vulnerable versions = 2.1.0 Fixed in 2.2.0 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-31347 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 51665fb13771 Credits Abdi Pranata Required...

CVE-2024-2579

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Data443 Tracking Code Manager.This issue affects Tracking Code Manager: from n/a through 2.0.16...

CVE-2024-2579 WordPress Tracking Code Manager plugin <= 2.0.16 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Data443 Tracking Code Manager.This issue affects Tracking Code Manager: from n/a through 2.0.16...

CVE-2024-2579

CVE-2024-2579 — WordPress Tracking Code Manager: Cross-Site Scripting due to improper input neutralization in Tracking Code Manager, versions n/a through 2.0.16. Root cause: lack of proper input handling during web page generation. Impact: XSS risk for sites using the vulnerable plugin (severity ...

CVE-2024-2579 WordPress Tracking Code Manager plugin <= 2.0.16 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Data443 Tracking Code Manager.This issue affects Tracking Code Manager: from n/a through 2.0.16...

PT-2024-21136 · Data443 · Data443 Tracking Code Manager

Name of the Vulnerable Software and Affected Versions: Data443 Tracking Code Manager versions n/a through 2.0.16 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting. This allows for the injection of malicious scripts...

WordPress Plugin Tracking Code Manager 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A cross-site scripting vulnerability exists in WordPress...

WordPress Tracking Code Manager Plugin <= 2.0.16 is vulnerable to Cross Site Scripting (XSS)

Software Tracking Code Manager Type Plugin Vulnerable versions = 2.0.16 Fixed in 2.1.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-2579 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 5ffb225ee347 Credits Joshua Chan Required privilege...

WordPress Header Footer Code Manager Plugin < 1.1.35 CSRF Vulnerability

The WordPress plugin SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:draftpress:headerfootercodemanager"; ifdescription...

CVE-2023-39989

Cross-Site Request Forgery CSRF vulnerability in 99robots Header Footer Code Manager plugin = 1.1.34 versions...

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in 99robots Header Footer Code Manager plugin = 1.1.34 versions...

CVE-2023-39989

CVE-2023-39989 affects the WordPress plugin Header Footer Code Manager (versions ≤ 1.1.34). The issue is a Cross-Site Request Forgery (CSRF) vulnerability, allowing unauthenticated exploitation of authorized actions. Patchstack lists a fix in 1.1.35 and notes the vulnerability has a low severity ...

CVE-2023-39989 WordPress Header Footer Code Manager Plugin <= 1.1.34 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in 99robots Header Footer Code Manager plugin = 1.1.34 versions...

PT-2023-27195 · WordPress · 99Robots Header Footer Code Manager

Name of the Vulnerable Software and Affected Versions: 99robots Header Footer Code Manager plugin versions 1.1.34 and earlier Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability. This type of vulnerability allows an attacker to trick a user into performing...

WordPress Plugin Header Footer Code Manager Cross-Site Request Forgery Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...

WordPress Header Footer Code Manager Plugin <= 1.1.34 is vulnerable to Cross Site Request Forgery (CSRF)

Software Header Footer Code Manager Type Plugin Vulnerable versions = 1.1.34 Fixed in 1.1.35 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-39989 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 5536fb0cce4a Credits Rafie...

WordPress Code Manager Plugin < 1.0.26 is vulnerable to Cross Site Scripting (XSS)

Software Code Manager Type Plugin Vulnerable versions 1.0.26 Fixed in 1.0.26 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 788e1414e608 Credits Rafie Muhammad Patchstack Required...

WordPress Header Footer Code Manager Plugin < 1.1.24 XSS Vulnerability

The WordPress plugin Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it...

CVE-2022-0899

The Header Footer Code Manager WordPress plugin before 1.1.24 does not escape generated URLs before outputting them back in attributes in an admin page, leading to a Reflected Cross-Site Scripting...