Lucene search
+L

94 matches found

NVD
NVD
added 2026/03/21 12:16 a.m.6 views

CVE-2026-3350

The Image Alt Text Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the post title in all versions up to, and including, 1.8.2. This is due to insufficient input sanitization and output escaping when dynamically generating image alt and title attributes using a DOM...

6.4CVSS0.00193EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/03/21 12:0 a.m.11 views

WordPress plugin Image Alt Text Manager 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

6.4CVSS5.7AI score0.00193EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/03/21 12:0 a.m.8 views

PT-2026-26799

The Logo Slider – Logo Carousel, Logo Showcase & Client Logo Slider Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the image alt text in all versions up to, and including, 4.9.0 due to insufficient input sanitization and output escaping in the 'logo-slider' shortcode...

6.4CVSS6AI score0.00156EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/03/20 11:25 p.m.32 views

CVE-2026-3350 Image Alt Text Manager <= 1.8.2 - Authenticated (Author+) Stored Cross-Site Scripting via Post Title

The Image Alt Text Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the post title in all versions up to, and including, 1.8.2. This is due to insufficient input sanitization and output escaping when dynamically generating image alt and title attributes using a DOM...

6.4CVSS0.00193EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/03/20 11:25 p.m.3 views

CVE-2026-3350 Image Alt Text Manager <= 1.8.2 - Authenticated (Author+) Stored Cross-Site Scripting via Post Title

The Image Alt Text Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the post title in all versions up to, and including, 1.8.2. This is due to insufficient input sanitization and output escaping when dynamically generating image alt and title attributes using a DOM...

6.4CVSS6AI score0.00193EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/03/20 11:25 p.m.5 views

CVE-2026-3350

The Image Alt Text Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the post title in all versions up to, and including, 1.8.2. This is due to insufficient input sanitization and output escaping when dynamically generating image alt and title attributes using a DOM...

6.4CVSS6AI score0.00193EPSS
Exploits0References5
CVE
CVE
added 2026/03/20 11:25 p.m.12 views

CVE-2026-3350

CVE-2026-3350 – Image Alt Text Manager (WordPress) stores XSS via post title (Authenticated, Author+). The Wordfence entry for Image Alt Text Manager &lt;= 1.8.2 confirms a stored cross-site scripting vulnerability triggered when generating image alt/title attributes from the post title. Authenti...

6.4CVSS6AI score0.00193EPSS
Exploits0References4
Patchstack
Patchstack
added 2026/03/20 8:55 p.m.8 views

WordPress Image Alt Text Manager plugin <= 1.8.2 - Authenticated (Author+) Stored Cross-Site Scripting via Post Title vulnerability

Authenticated Author+ Stored Cross-Site Scripting via Post Title vulnerability discovered by WordFence in WordPress Plugin Alt Manager versions = 1.8.2...

6.4CVSS5.8AI score0.00193EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/03/20 12:0 a.m.4 views

PT-2026-26717

The Image Alt Text Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the post title in all versions up to, and including, 1.8.2. This is due to insufficient input sanitization and output escaping when dynamically generating image alt and title attributes using a DOM...

6.4CVSS6AI score0.00193EPSS
Exploits0References5
EUVD
EUVD
added 2026/02/27 9:30 a.m.6 views

EUVD-2026-9016

The WP Accessibility plugin for WordPress is vulnerable to Stored DOM-Based Cross-Site Scripting via the 'alt' attribute of images processed by the "Long Description UI" feature in all versions up to, and including, 2.3.1. This is due to the plugin's JavaScript retrieving the alt attribute using...

6.4CVSS6AI score0.00205EPSS
Exploits0References7
NVD
NVD
added 2026/02/27 9:16 a.m.13 views

CVE-2026-2362

The WP Accessibility plugin for WordPress is vulnerable to Stored DOM-Based Cross-Site Scripting via the 'alt' attribute of images processed by the "Long Description UI" feature in all versions up to, and including, 2.3.1. This is due to the plugin's JavaScript retrieving the alt attribute using...

6.4CVSS0.00205EPSS
Exploits0References6
Patchstack
Patchstack
added 2026/02/04 10:45 p.m.8 views

WordPress Robin Image Optimizer plugin <= 2.0.2 - Authenticated (Author+) Stored Cross-Site Scripting via Image Alternative Text Field vulnerability

Authenticated Author+ Stored Cross-Site Scripting via Image Alternative Text Field vulnerability discovered by Vincent Theriault-Laine in WordPress Plugin Robin image optimizer versions = 2.0.2...

6.4CVSS5.3AI score0.00205EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2026/01/24 3:18 p.m.8 views

CVE-2026-24579

Missing Authorization vulnerability in WP Messiah Ai Image Alt Text Generator for WP ai-image-alt-text-generator-for-wp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ai Image Alt Text Generator for WP: from n/a through = 1.1.9...

4.3CVSS5.4AI score0.00185EPSS
Exploits0References1
NVD
NVD
added 2026/01/23 3:16 p.m.5 views

CVE-2026-24579

Missing Authorization vulnerability in WP Messiah Ai Image Alt Text Generator for WP ai-image-alt-text-generator-for-wp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ai Image Alt Text Generator for WP: from n/a through = 1.1.9...

4.3CVSS0.00185EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/01/23 2:28 p.m.33 views

CVE-2026-24579 WordPress Ai Image Alt Text Generator for WP plugin <= 1.1.9 - Broken Access Control vulnerability

Missing Authorization vulnerability in WP Messiah Ai Image Alt Text Generator for WP ai-image-alt-text-generator-for-wp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ai Image Alt Text Generator for WP: from n/a through = 1.1.9...

4.3CVSS0.00185EPSS
Exploits0References1
CVE
CVE
added 2026/01/23 2:28 p.m.30 views

CVE-2026-24579

CVE-2026-24579 is a missing/ broken authorization vulnerability in the WordPress plugin Ai Image Alt Text Generator for WP (versions up to and including 1.1.9). Public sources in the Connected documents describe this as an access-control flaw that allows exploitation due to misconfigured access l...

4.3CVSS5.4AI score0.00185EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/01/23 2:28 p.m.4 views

CVE-2026-24579

Missing Authorization vulnerability in WP Messiah Ai Image Alt Text Generator for WP ai-image-alt-text-generator-for-wp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ai Image Alt Text Generator for WP: from n/a through = 1.1.9...

4.3CVSS5.9AI score0.00185EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/01/23 12:0 a.m.12 views

PT-2026-4418

Name of the Vulnerable Software and Affected Versions WP Messiah Ai Image Alt Text Generator for WP versions through 1.1.9 Description The Ai Image Alt Text Generator for WP software contains a missing authorization flaw. This allows exploitation due to incorrectly configured access control...

5.3AI score0.00185EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/01/23 12:0 a.m.10 views

WordPress Plugin: Ai Image Alt Text Generator for WP Security Vulnerabilities

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...

4.3CVSS5.8AI score0.00185EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/01/20 8:15 a.m.7 views

WordPress Ai Image Alt Text Generator for WP plugin <= 1.1.9 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Nabil Irawan in WordPress Plugin Ai Image Alt Text Generator for WP versions = 1.1.9...

4.3CVSS5.4AI score0.00185EPSS
Exploits0Affected Software1
Rows per page
Query Builder