WordPress PDF Embedder Plugin <= 4.6.4 is vulnerable to Cross Site Scripting (XSS)

Software PDF Embedder Type Plugin Vulnerable versions = 4.6.4 Fixed in 4.7.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-29141 Patch priority Low CVSS severity Low 5.5 Developer Claim ownership PSID 78231154a353 Credits Steven Julian Required privilege...

CVE-2023-51504

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Dan Dulaney Dan's Embedder for Google Calendar allows Stored XSS.This issue affects Dan's Embedder for Google Calendar: from n/a through 1.2...

CVE-2023-51504

CVE-2023-51504 refers to a WordPress plugin vulnerability in Dan's Embedder for Google Calendar (Dans Gcal) with stored XSS. The connected data confirms the issue exists in the WordPress plugin and is characterized by an improper neutralization of input during web page generation, enabling stored...

WordPress plugin Dans Embedder for Google Calendar cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerability...

CVE-2024-23508

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in bPlugins PDF Poster – PDF Embedder Plugin for WordPress allows Reflected XSS.This issue affects PDF Poster – PDF Embedder Plugin for WordPress: from n/a through 2.1.17...

CVE-2024-23508 WordPress PDF Poster - PDF Embedder Plugin for WordPress Plugin <= 2.1.17 is vulnerable to Cross Site Scripting (XSS)

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in bPlugins PDF Poster – PDF Embedder Plugin for WordPress allows Reflected XSS.This issue affects PDF Poster – PDF Embedder Plugin for WordPress: from n/a through 2.1.17...

CVE-2024-23508

CVE-2024-23508 affects the WordPress plugin PDF Poster – PDF Embedder (bPlugins) up to version 2.1.17. Root cause is improper input neutralization leading to a reflected XSS. A fix is available in version 2.1.18; upgrade recommended. Other sources reiterate the same: vulnerable

CVE-2024-23508 WordPress PDF Poster - PDF Embedder Plugin for WordPress Plugin <= 2.1.17 is vulnerable to Cross Site Scripting (XSS)

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in bPlugins PDF Poster – PDF Embedder Plugin for WordPress allows Reflected XSS.This issue affects PDF Poster – PDF Embedder Plugin for WordPress: from n/a through 2.1.17...

PDF Poster - PDF Embedder Plugin for WordPress < 2.1.18 - Reflected Cross-Site Scripting

Description The PDF Poster - PDF Embedder Plugin for WordPress plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in versions up to, and including, 2.1.17 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...

WordPress PDF Poster - PDF Embedder Plugin for WordPress Plugin <= 2.1.17 is vulnerable to Cross Site Scripting (XSS)

Software PDF Poster - PDF Embedder Plugin for WordPress Type Plugin Vulnerable versions = 2.1.17 Fixed in 2.1.18 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-23508 Patch priority Low CVSS severity Low 7.1 Developer Claim ownership PSID 77b3bf7aca30 Credits Le Ng...

CVE-2023-47417

Cross Site Scripting XSS vulnerability in the component /shells/embedder.html of DZSlides after v2011.07.25 allows attackers to execute arbitrary code via a crafted payload...

DZSlides Security Vulnerabilities

DZSlides is a single-file HTML template for building slideshows in HTML5 and CSS3. A security vulnerability exists in DZSlides versions after v2011.07.25, which stems from a cross-site scripting XSS vulnerability in component /shells/embedder.html. An attacker can exploit the vulnerability to...

SUSE CVE-2015-1302

The PDF viewer in Google Chrome before 46.0.2490.86 does not properly restrict scripting messages and API exposure, which allows remote attackers to bypass the Same Origin Policy via an unintended embedder or unintended plugin loading, related to pdf.js and outofprocessinstance.cc...

SUSE CVE-2022-1231

XSS via Embedded SVG in SVG Diagram Format in GitHub repository plantuml/plantuml prior to 1.2022.4. Stored XSS in the context of the diagram embedder. Depending on the actual context, this ranges from stealing secrets to account hijacking or even to code execution for example in desktop...

CVE-2022-44590

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in James Lao's Simple Video Embedder plugin = 2.2 on WordPress...

Cross site scripting

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in James Lao's Simple Video Embedder plugin = 2.2 on WordPress...

CVE-2022-44590 WordPress Simple Video Embedder plugin <= 2.2 - Auth. Stored Cross-Site Scripting (XSS) vulnerability

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in James Lao's Simple Video Embedder plugin = 2.2 on WordPress...

CVE-2022-44590

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in James Lao's Simple Video Embedder plugin = 2.2 on WordPress...

WordPress Simple Video Embedder plugin <= 2.2 - Auth. Stored Cross-Site Scripting (XSS) vulnerability

Auth. Stored Cross-Site Scripting XSS vulnerability discovered by thiennv Patchstack Alliance in WordPress Simple Video Embedder plugin versions = 2.2. Solution Deactivate and delete. This plugin has been closed as of November 8, 2022 and is not available for download. This closure is temporary,...

WordPress plugin Simple Video Embedder 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...