23 matches found
EUVD-2019-15598
Malware in sbrugna...
EUVD-2019-15597
Malware in sbrugna...
CVE-2019-6029
Cross-site scripting vulnerability in Custom Body Class 0.6.0 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2019-6030
Cross-site request forgery CSRF vulnerability in Custom Body Class 0.6.0 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors...
CVE-2023-5205
The Add Custom Body Class plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'addcustombodyclass' value in versions up to, and including, 1.4.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
WordPress Plugin Add Custom Body Class Cross-Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...
WordPress Add Custom Body Class Plugin <= 1.4.1 is vulnerable to Cross Site Scripting (XSS)
Software Add Custom Body Class Type Plugin Vulnerable versions = 1.4.1 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-5205 Patch priority Low CVSS severity Low 6.4 Developer Claim ownership PSID 55c282d5e4c0 Credits Francesco Carlucci...
CVE-2019-6029
Cross-site scripting vulnerability in Custom Body Class 0.6.0 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2019-6030
Cross-site request forgery CSRF vulnerability in Custom Body Class 0.6.0 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors...
CVE-2019-6029
Cross-site scripting vulnerability in Custom Body Class 0.6.0 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2019-6030
Cross-site request forgery CSRF vulnerability in Custom Body Class 0.6.0 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors...
Cross site scripting
Cross-site scripting vulnerability in Custom Body Class 0.6.0 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in Custom Body Class 0.6.0 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors...
CVE-2019-6029
CVE-2019-6029 affects the WordPress plugin “Custom Body Class” (versions ≤ 0.6.0). The vulnerability is a Cross-site Scripting (CWE-79) flaw in which insufficient input validation allows remote attackers to inject arbitrary scripts/HTML via unspecified vectors, potentially executing code in the l...
CVE-2019-6030
The CVE-2019-6030 entry concerns the WordPress plugin Custom Body Class (v0.6.0 and earlier). A CSRF flaw in this plugin could allow remote attackers to hijack an administrator’s session and perform actions with admin privileges through unspecified vectors. Exploitation details are not provided i...
CVE-2019-6030
Cross-site request forgery CSRF vulnerability in Custom Body Class 0.6.0 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors...
CVE-2019-6029
Cross-site scripting vulnerability in Custom Body Class 0.6.0 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
Multiple vulnerabilities in "Custom Body Class"
Overview WordPress Plugin "Custom Body Class" provided by Andrei Lupu contains multiple vulnerabilities listed below. Cross-site Scripting CWE-79 - CVE-2019-6029 Cross-site Request Forgery CWE-352 - CVE-2019-6030 Shirai Masatake of Cryptography Laboratory,Department of Information and Communicati...
WordPress Custom Body Class Cross-Site Request Forgery Vulnerability
WordPress is the WordPress Foundation's set of blogging platform developed using the PHP language. The platform supports PHP and MySQL servers to set up a personal blog site . Custom Body Class is used in which a CSS class component plug-ins . WordPress Custom Body Class 0.6.0 and previous versio...
WordPress Custom Body Class Cross-Site Scripting Vulnerability
WordPress is the WordPress Foundation's set of blogging platform developed using the PHP language. The platform supports PHP and MySQL servers to set up a personal blog site . Custom Body Class is used in which a CSS class component plug-ins . WordPress Custom Body Class 0.6.0 and previous versio...