CVE-2023-49485

CVE-2023-49485 concerns JFinalCMS v5.0.0, with a cross-site scripting (XSS) vulnerability in the column management department. The original description and connected documents consistently identify the affected software as JFinalCMS v5.0.0 and attribute the issue to inadequate filtering/escaping ...

CVE-2023-49485

JFinalCMS v5.0.0 was discovered to contain a cross-site scripting XSS vulnerability in the column management department...

PT-2023-31238 · Jfinalcms · Jfinalcms

Name of the Vulnerable Software and Affected Versions: JFinalCMS version 5.0.0 Description: A cross-site scripting XSS issue was found in the column management department. Recommendations: For JFinalCMS version 5.0.0, update to a version that addresses the XSS issue in the column management...

CVE-2023-45762

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in Michael Uno miunosoft Responsive Column Widgets.This issue affects Responsive Column Widgets: from n/a through 1.2.7...

CVE-2023-45762

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in Michael Uno miunosoft Responsive Column Widgets.This issue affects Responsive Column Widgets: from n/a through 1.2.7...

Open redirect

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in Michael Uno miunosoft Responsive Column Widgets.This issue affects Responsive Column Widgets: from n/a through 1.2.7...

CVE-2023-45762 WordPress Responsive Column Widgets Plugin <= 1.2.7 is vulnerable to Open Redirection

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in Michael Uno miunosoft Responsive Column Widgets.This issue affects Responsive Column Widgets: from n/a through 1.2.7...

CVE-2023-45762

CVE-2023-45762 is an Open Redirect vulnerability in the WordPress plugin Responsive Column Widgets (versions

PT-2023-29677 · Unknown · Responsive Column Widgets

Name of the Vulnerable Software and Affected Versions: Responsive Column Widgets versions 1.2.7 and earlier Description: The issue is related to a URL Redirection to Untrusted Site, also known as an 'Open Redirect' vulnerability. This vulnerability allows an attacker to redirect users to untruste...

WordPress Plugin Responsive Column Widgets Input Validation Error Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. An input validation error...

UBUNTU-CVE-2023-48950

An issue in the boxcollen function in openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service DoS after running a SELECT statement...

PT-2023-8880 · Openlink +4 · Virtuoso-Opensource +4

Name of the Vulnerable Software and Affected Versions: virtuoso-opensource version 7.2.11 Description: The issue is related to insufficient input processing in the box col len function, which can be exploited by a remote attacker to cause a Denial of Service DoS after running a SELECT statement...

Multi-column Tag Map < 17.0.27 - Cross-Site Request Forgery

Description The Multi-column Tag Map plugin for WordPress is vulnerable to Cross-Site Request Forgery due to a missing nonce check on the scmcTagMappluginoptions function in versions up to, and including, 17.0.26. This makes it possible for unauthenticated attackers to update the plugin's setting...

Responsive Column Widgets <= 1.2.7 - Open Redirect via responsive_column_widgets_link

Description The Responsive Column Widgets plugin for WordPress is vulnerable to Open Redirect in versions up to, and including, 1.2.7. This is due to insufficient validation on the redirect url supplied via the responsivecolumnwidgetslink parameter. This makes it possible for unauthenticated...

CVE-2023-5708

The WP Post Columns plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'column' shortcode in all versions up to, and including, 2.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

PT-2023-32281 · WordPress · Wp Post Columns

Name of the Vulnerable Software and Affected Versions: WP Post Columns plugin for WordPress versions up to, and including, 2.2 Description: The issue is related to Stored Cross-Site Scripting via the plugin's 'column' shortcode due to insufficient input sanitization and output escaping on...

The vulnerability of the OPNsense operating system, related to the lack of measures taken to protect the structure of web pages, allows attackers to execute cross-site scripting attacks.

The vulnerability of the OPNsense operating system is related to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability allows a remote attacker to perform cross-site scripting attacks using the columncount parameter...

Responsive Column Widgets <= 1.2.7 - Reflected XSS

Description The plugin does not sanitise and escape the tab parameter before outputting it back in the page, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

CVE-2023-47520

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Michael Uno miunosoft Responsive Column Widgets plugin = 1.2.7 versions...

CVE-2023-47520

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Michael Uno miunosoft Responsive Column Widgets plugin = 1.2.7 versions...