16 matches found
CVE-2026-39666
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in telepathy Hello Bar Popup Builder hellobar allows DOM-Based XSS.This issue affects Hello Bar Popup Builder: from n/a through = 1.5.1...
EUVD-2026-20340
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in telepathy Hello Bar Popup Builder hellobar allows DOM-Based XSS.This issue affects Hello Bar Popup Builder: from n/a through = 1.5.1...
CVE-2026-39666
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in telepathy Hello Bar Popup Builder hellobar allows DOM-Based XSS.This issue affects Hello Bar Popup Builder: from n/a through = 1.5.1...
CVE-2026-39666
The CVE concerns the WordPress plugin Hello Bar Popup Builder by telepathy, affected versions are up to and including 1.5.1. It reports a DOM-Based XSS due to improper input neutralization during web page generation, enabling cross-site scripting. Impact is described as Cross-Site Scripting with ...
CVE-2026-39666 WordPress Hello Bar Popup Builder plugin <= 1.5.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in telepathy Hello Bar Popup Builder hellobar allows DOM-Based XSS.This issue affects Hello Bar Popup Builder: from n/a through = 1.5.1...
CVE-2026-39666 WordPress Hello Bar Popup Builder plugin <= 1.5.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in telepathy Hello Bar Popup Builder hellobar allows DOM-Based XSS.This issue affects Hello Bar Popup Builder: from n/a through = 1.5.1...
CVE-2026-39666
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in telepathy Hello Bar Popup Builder hellobar allows DOM-Based XSS.This issue affects Hello Bar Popup Builder: from n/a through = 1.5.1...
PT-2026-31228
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in telepathy Hello Bar Popup Builder hellobar allows DOM-Based XSS.This issue affects Hello Bar Popup Builder: from n/a through = 1.5.1...
WordPress plugin Hello Bar Popup Builder 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
CVE-2026-1042
The WP Hello Bar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'digitone' and 'digittwo' parameters in all versions up to, and including, 1.02 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
CVE-2026-1042
The WP Hello Bar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'digitone' and 'digittwo' parameters in all versions up to, and including, 1.02 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
CVE-2026-1042 WP Hello Bar <= 1.02 - Authenticated (Administrator+) Stored Cross-Site Scripting via 'digit_one' and 'digit_two' Parameters
The WP Hello Bar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'digitone' and 'digittwo' parameters in all versions up to, and including, 1.02 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
CVE-2026-1042
The WP Hello Bar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'digitone' and 'digittwo' parameters in all versions up to, and including, 1.02 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
CVE-2026-1042 WP Hello Bar <= 1.02 - Authenticated (Administrator+) Stored Cross-Site Scripting via 'digit_one' and 'digit_two' Parameters
The WP Hello Bar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'digitone' and 'digittwo' parameters in all versions up to, and including, 1.02 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
WordPress plugin WP Hello Bar has a cross-site scripting vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
WordPress WP Hello Bar plugin <= 1.02 - Authenticated (Administrator+) Stored Cross-Site Scripting via 'digit_one' and 'digit_two' Parameters vulnerability
Authenticated Administrator+ Stored Cross-Site Scripting via 'digitone' and 'digittwo' Parameters vulnerability discovered by 0x34rth in WordPress Plugin WP Hello Bar versions = 1.02...