12 matches found
EUVD-2021-24800
Malware in sbrugna...
CVE-2021-38347
The Custom Website Data WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the id parameter found in the /views/edit.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 2.2...
Cross site scripting
The Custom Website Data WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the id parameter found in the /views/edit.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 2.2...
CVE-2021-38347 Custom Website Data <= 2.2 Reflected Cross-Site Scripting
The Custom Website Data WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the id parameter found in the /views/edit.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 2.2...
CVE-2021-38347 Custom Website Data <= 2.2 Reflected Cross-Site Scripting
The Custom Website Data WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the id parameter found in the /views/edit.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 2.2...
CVE-2021-38347
CVE-2021-38347 concerns the WordPress plugin Custom Website Data (<= 2.2). The vulnerability is a Reflected Cross-Site Scripting (XSS) via the id parameter in the file ~/views/edit.php, enabling an attacker to inject arbitrary web scripts. Affected release range is up to and including 2.2. NVD...
WordPress 插件 跨站脚本漏洞
WordPress Plugin is an open source application plugin for WordPress. A cross-site scripting vulnerability exists in the WordPress plugin Custom Website Data, which stems from a lack of proper validation of client-side data in the web application. An attacker can exploit this vulnerability to...
WordPress 插件跨站脚本漏洞
WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress Plugin is an open source application plugin for WordPress. A cross-site scripting vulnerability exists i...
WordPress Custom Website Data plugin <= 2.2 - Reflected Cross-Site Scripting (XSS) vulnerability
Reflected Cross-Site Scripting XSS vulnerability discovered by p7e4 in WordPress Custom Website Data plugin versions = 2.2. Solution This plugin has been closed as of September 7, 2021 and is not available for download. This closure is temporary, pending a full review...
Custom Website Data <= 2.2 - Reflected Cross-Site Scripting
The plugin is vulnerable to Reflected Cross-Site Scripting via the id parameter found in the /views/edit.php file which allows attackers to inject arbitrary web scripts...
Custom Website Data 1.2 - Record Deletion CSRF
The Custom Website Data WordPress plugin was affected by a Record Deletion CSRF security vulnerability...
WordPress Custom Website Data插件跨站请求伪造漏洞
WordPress是一款内容管理系统。 由于程序允许用户通过味精验证的HTTP请求执行某些操作,攻击者可以利用漏洞在已登录的用户访问特制网页时删除任意记录。 0 WordPress Custom Website Data Plugin 1.x 厂商补丁: WordPress ----- WordPress Custom Website Data插件1.3版本以修复此漏洞,建议用户下载使用: http://wordpress.org/plugins/simple-custom-website-data/changelog...