CVE-2024-51804

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in bobmatnyc Moka Get Posts Shortcode moka-get-posts allows DOM-Based XSS.This issue affects Moka Get Posts Shortcode: from n/a through = 1.0...

CVE-2024-51804 WordPress Moka Get Posts Shortcode plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Bob Matsuoka Moka Get Posts Shortcode allows DOM-Based XSS.This issue affects Moka Get Posts Shortcode: from n/a through 1.0...

CVE-2024-51804 WordPress Moka Get Posts Shortcode plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in bobmatnyc Moka Get Posts Shortcode moka-get-posts allows DOM-Based XSS.This issue affects Moka Get Posts Shortcode: from n/a through = 1.0...

CVE-2024-51804

CVE-2024-51804 : DOM-based XSS in WordPress plugin Moka Get Posts Shortcode (moka-get-posts)

WordPress Moka Get Posts Shortcode plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin Moka Get Posts Shortcode versions = 1.0...

WordPress Moka Get Posts Shortcode Plugin <= 1.0 is vulnerable to Cross Site Scripting (XSS)

Software Moka Get Posts Shortcode Type Plugin Vulnerable versions = 1.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-51804 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID e6ae6cd5a20b Credits SOPROBRO Required privilege...

CVE-2023-7072

The Post Grid Combo – 36+ Gutenberg Blocks plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.2.68 via the 'getposts' REST API Endpoint. This makes it possible for unauthenticated attackers to extract sensitive data including full draft...

CVE-2023-7072

The Post Grid Combo – 36+ Gutenberg Blocks plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.2.68 via the 'getposts' REST API Endpoint. This makes it possible for unauthenticated attackers to extract sensitive data including full draft...

CVE-2023-43979

ETS Soft ybcblog before v4.4.0 was discovered to contain a SQL injection vulnerability via the component YbcblogBlogModuleFrontController::getPosts...

CVE-2023-4386

The Essential Blocks plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 4.2.0 via deserialization of untrusted input in the getposts function. This allows unauthenticated attackers to inject a PHP Object. No POP chain is present in the vulnerable plugin. ...