EUVD-2016-1073

Malware in sbrugna...

CVE-2023-2026

The Image Protector WordPress plugin through 1.1 does not properly sanitize some of its settings, which could allow high-privilege users to perform Stored Cross-Site Scripting XSS attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2023-2026

The Image Protector WordPress plugin through 1.1 does not properly sanitize some of its settings, which could allow high-privilege users to perform Stored Cross-Site Scripting XSS attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2023-2026

The Image Protector WordPress plugin through 1.1 does not properly sanitize some of its settings, which could allow high-privilege users to perform Stored Cross-Site Scripting XSS attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2023-2026 Image Protector <= 1.1 - Admin+ Stored Cross-Site Scripting

The Image Protector WordPress plugin through 1.1 does not properly sanitize some of its settings, which could allow high-privilege users to perform Stored Cross-Site Scripting XSS attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2023-2026

CVE-2023-2026 affects the Image Protector WordPress plugin (

WordPress plugin Image Protector 跨站脚本漏洞

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin of the WordPress Foundation. A cross-site scripting vulnerability...

PT-2023-17422 · WordPress · Image Protector

Name of the Vulnerable Software and Affected Versions: Image Protector WordPress plugin versions 1.1 and earlier Description: The issue allows high-privilege users to perform Stored Cross-Site Scripting XSS attacks due to improper sanitization of some settings, even when the unfiltered html...

WordPress Defa Online Image Protector Plugin <= 1.1 is vulnerable to Cross Site Scripting (XSS)

Software Defa Online Image Protector Type Plugin Vulnerable versions = 1.1 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-2026 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 01e5a8f2cad7 Credits Shreya Pohekar...

Image Protector <= 1.1 - Admin+ Stored Cross-Site Scripting

The plugin does not properly sanitize some of its settings, which could allow high-privilege users to perform Stored Cross-Site Scripting XSS attacks even when the unfilteredhtml capability is disallowed for example in multisite setup. PoC 1. Go to...

Image Protector <= 1.1 - Admin+ Stored Cross-Site Scripting

The plugin does not properly sanitize some of its settings, which could allow high-privilege users to perform Stored Cross-Site Scripting XSS attacks even when the unfilteredhtml capability is disallowed for example in multisite setup. 1. Go to...

Wordpress defa-online-image-protector plugin cross-site scripting vulnerability

WordPress is the WordPress Software Foundation's set of blogging platforms developed using the PHP language, which supports personal blog sites set up on servers with PHP and MySQL. defa-online-image-protector is one of the online image protection plug-ins. A cross-site scripting vulnerability...

CVE-2016-1000129

Reflected XSS in wordpress plugin defa-online-image-protector v3.3...

CVE-2016-1000129

Reflected XSS in wordpress plugin defa-online-image-protector v3.3...

Cross site scripting

Reflected XSS in wordpress plugin defa-online-image-protector v3.3...

CVE-2016-1000129

Summary: CVE-2016-1000129 is a reflected cross-site scripting (XSS) vulnerability in the WordPress plugin “defa-online-image-protector”