26 matches found
CVE-2023-4999
The Horizontal scrolling announcement plugin for WordPress is vulnerable to SQL Injection via the plugin's horizontal-scrolling shortcode in versions up to, and including, 9.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query...
EUVD-2023-54829
Malicious code in bioql PyPI...
CVE-2023-5000
The Horizontal scrolling announcements plugin for WordPress is vulnerable to SQL Injection via the plugin's 'hsas-shortcode' shortcode in versions up to, and including, 2.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. Th...
CVE-2023-5000 Horizontal scrolling announcements <= 2.4 - Authenticated (Contributor+) SQL Injection via Shortcode
The Horizontal scrolling announcements plugin for WordPress is vulnerable to SQL Injection via the plugin's 'hsas-shortcode' shortcode in versions up to, and including, 2.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. Th...
CVE-2023-5000
CVE-2023-5000 pertains to the WordPress plugin Horizontal scrolling announcements where an SQL Injection exists via the shortcode hsas-shortcode in versions up to 2.4. The issue arises from insufficient escaping of user input and inadequate preparation of the SQL query, enabling authenticated att...
WordPress plugin Horizontal scrolling announcements security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A security vulnerability exists in WordPress...
WordPress Horizontal scrolling announcements Plugin <= 2.4 is vulnerable to SQL Injection
Software: Horizontal scrolling announcements; Type: Plugin; Vulnerable versions: <= 2.4; Fixed in: 2.5; OWASP Top 10: A1: Injection; Classification: SQL Injection; CVE: CVE-2023-5000; Patch priority: Low; CVSS severity: Low 8.5; PSID: a1ff35c414c3; Credits: István Márton; Required privilege...
CVE-2023-4999
The Horizontal scrolling announcement plugin for WordPress is vulnerable to SQL Injection via the plugin's horizontal-scrolling shortcode in versions up to, and including, 9.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query...
CVE-2023-4999
The Horizontal scrolling announcement plugin for WordPress is vulnerable to SQL Injection via the plugin's horizontal-scrolling shortcode in versions up to, and including, 9.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query...
SQL injection
The Horizontal scrolling announcement plugin for WordPress is vulnerable to SQL Injection via the plugin's horizontal-scrolling shortcode in versions up to, and including, 9.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query...
WordPress Plugin Horizontal scrolling announcement SQL Injection Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language, which supports personal blogs on PHP and MySQL servers. WordPress plugin is an...
WordPress Horizontal scrolling announcement Plugin <= 9.2 is vulnerable to SQL Injection
Software: Horizontal scrolling announcement; Type: Plugin; Vulnerable versions: <= 9.2; Fixed in: N/A; OWASP Top 10: A1: Injection; Classification: SQL Injection; CVE: CVE-2023-4999; Patch priority: High; CVSS severity: High 8.5; PSID: 360dd90299d7; Credits: Lana Codes; Required privilege...
WordPress Horizontal scrolling announcement Plugin <= 9.2 is vulnerable to Cross Site Scripting (XSS)
Software: Horizontal scrolling announcement; Type: Plugin; Vulnerable versions: <= 9.2; Fixed in: N/A; OWASP Top 10: A7: Cross-Site Scripting (XSS); Classification: Cross Site Scripting (XSS); CVE: CVE-2023-5001; Patch priority: Low; CVSS severity: Low 6.5; PSID: 9fe7afb4fe6f; Credits: Lana Codes...
CVE-2023-5001
The Horizontal scrolling announcement plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'horizontal-scrolling' shortcode in versions up to, and including, 9.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2023-5001
The Horizontal scrolling announcement for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'horizontal-scrolling' shortcode in versions up to, and including, 9.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...
WordPress Plugin Horizontal scrolling announcement cross-site scripting vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers. WordPress plugin is an application...
PT-2023-31454 · WordPress · Horizontal Scrolling Announcement
Name of the Vulnerable Software and Affected Versions: Horizontal scrolling announcement for WordPress plugin versions up to, and including, 9.2 Description: The issue is related to Stored Cross-Site Scripting via the horizontal-scrolling shortcode due to insufficient input sanitization and outpu...
[SECURITY] Fedora 31 Update: links-2.20.2-1.fc31
Links is a web browser capable of running in either graphics or text mode. It provides a pull-down menu system, renders complex pages, has partial HTML 4.0 support including tables, frames and support for multiple character sets and UTF-8, supports color and monochrome terminals and allows...
Fedora Update for links FEDORA-2018-2c0a92fd3d
The remote host is missing an update for the Copyright (C) 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
[SECURITY] Fedora 28 Update: links-2.17-1.fc28
Links is a web browser capable of running in either graphics or text mode. It provides a pull-down menu system, renders complex pages, has partial HTML 4.0 support including tables, frames and support for multiple character sets and UTF-8, supports color and monochrome terminals and allows...