21 matches found
CVE-2026-4852
The Image Source Control Lite – Show Image Credits and Captions plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Image Source' attachment field in all versions up to, and including, 3.9.1 due to insufficient input sanitization and output escaping. This makes it possible...
EUVD-2026-23974
The Image Source Control Lite – Show Image Credits and Captions plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Image Source' attachment field in all versions up to, and including, 3.9.1 due to insufficient input sanitization and output escaping. This makes it possible...
CVE-2026-4852
The Image Source Control Lite – Show Image Credits and Captions plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Image Source' attachment field in all versions up to, and including, 3.9.1 due to insufficient input sanitization and output escaping. This makes it possible...
CVE-2026-4852 Image Source Control Lite – Show Image Credits and Captions <= 3.9.1 - Authenticated (Author+) Stored Cross-Site Scripting via 'Image Source' Field
The Image Source Control Lite – Show Image Credits and Captions plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Image Source' attachment field in all versions up to, and including, 3.9.1 due to insufficient input sanitization and output escaping. This makes it possible...
CVE-2026-4852 Image Source Control Lite – Show Image Credits and Captions <= 3.9.1 - Authenticated (Author+) Stored Cross-Site Scripting via 'Image Source' Field
The Image Source Control Lite – Show Image Credits and Captions plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Image Source' attachment field in all versions up to, and including, 3.9.1 due to insufficient input sanitization and output escaping. This makes it possible...
WordPress plugin Image Source Control Lite – Show Image Credits and Captions 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
CVE-2025-55254
Improper management of Path-relative stylesheet import in HCL BigFix Remote Control Lite Web Portal versions 10.1.0.0326 and lower may allow to execute malicious code in certain web pages...
CVE-2025-59849
Improper management of Content Security Policy in HCL BigFix Remote Control Lite Web Portal versions 10.1.0.0326 and lower may allow the execution of malicious code in web pages...
CVE-2025-59849
Improper management of Content Security Policy in HCL BigFix Remote Control Lite Web Portal versions 10.1.0.0326 and lower may allow the execution of malicious code in web pages...
CVE-2025-55254
Improper management of Path-relative stylesheet import in HCL BigFix Remote Control Lite Web Portal versions 10.1.0.0326 and lower may allow to execute malicious code in certain web pages...
CVE-2025-55254
Improper management of Path-relative stylesheet import in HCL BigFix Remote Control Lite Web Portal versions 10.1.0.0326 and lower may allow to execute malicious code in certain web pages...
CVE-2025-59849 HCL BigFix Remote Control is vulnerable to an insecure CSP configuration
Improper management of Content Security Policy in HCL BigFix Remote Control Lite Web Portal versions 10.1.0.0326 and lower may allow the execution of malicious code in web pages...
PT-2025-51915
Name of the Vulnerable Software and Affected Versions HCL BigFix Remote Control Lite Web Portal versions 10.1.0.0326 and lower Description A flaw exists in the way the software handles path-relative stylesheet imports. This could allow for the execution of malicious code within specific web pages...
CVE-2024-13515
The Image Source Control Lite – Show Image Credits and Captions plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'path' parameter in all versions up to, and including, 2.28.0 due to insufficient input sanitization and output escaping. This makes it possible for...
CVE-2024-13515 Image Source Control Lite – Show Image Credits and Captions <= 2.28.0 - Reflected Cross-Site Scripting
The Image Source Control Lite – Show Image Credits and Captions plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'path' parameter in all versions up to, and including, 2.28.0 due to insufficient input sanitization and output escaping. This makes it possible for...
WordPress plugin Image Source Control Lite 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting vulnerability...
CVE-2023-52187
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Thomas Maier Image Source Control Lite – Show Image Credits and Captions.This issue affects Image Source Control Lite – Show Image Credits and Captions: from n/a through 2.17.0...
Code injection
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Thomas Maier Image Source Control Lite – Show Image Credits and Captions.This issue affects Image Source Control Lite – Show Image Credits and Captions: from n/a through 2.17.0...
CVE-2023-52187
CVE-2023-52187 affects the WordPress plugin Image Source Control Lite – Show Image Credits and Captions . Public records indicate vulnerability is an Exposure of Sensitive Information to an Unauthorized Actor affecting versions from unknown through 2.17.0 . The data sources also indicate this vul...
Taxonomy Access Control Lite - Critical - Unsupported - SA-CONTRIB-2022-006
Update 2022-03-01. New maintainers have volunteered for the project and created a new release which includes fixes for the 3 security issues that caused the module to be unsupported. The security team is marking this project unsupported. There is a known security issue with the project that has n...