50 matches found
Cross site scripting
The WP Map Block WordPress plugin before 1.2.3 does not escape some attributes of the WP Map Block, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks...
CVE-2021-24643 WP Map Block < 1.2.3 - Contributor+ Stored Cross-Site Scripting
The WP Map Block WordPress plugin before 1.2.3 does not escape some attributes of the WP Map Block, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks...
CVE-2021-24643
The CVE-2021-24643 entry concerns the WordPress plugin WP Map Block (versions before 1.2.3). The root cause is insufficient escaping of certain attributes in the block, enabling Stored Cross-Site Scripting (XSS) when a user with a low privilege (contributor) interacts with the block (e.g., adding...
WordPress 插件 跨站脚本漏洞
WordPress Plugin is an open source application plugin for WordPress. A cross-site scripting vulnerability exists in the WordPress plugin WP Map Block, which stems from a lack of proper validation of client-side data in the WEB application. An attacker can exploit this vulnerability to execute...
WP Map Block < 1.2.3 - Contributor+ Stored Cross-Site Scripting
The plugin does not escape some attributes of the WP Map Block, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks - As a contributor, add a WP Map Block to a post/page - Click "Show more settings" - Scroll the sidebar and click "Map Marker" -...
WordPress WP Map Block plugin <= 1.2.2 - Stored Cross-Site Scripting (XSS) vulnerabilities
Stored Cross-Site Scripting XSS vulnerabilities discovered by apple502j in WordPress WP Map Block plugin versions = 1.2.2. Solution Update the WordPress WP Map Block plugin to the latest available version at least 1.2.3...
WP Map Block < 1.2.3 - Contributor+ Stored Cross-Site Scripting
The plugin does not escape some attributes of the WP Map Block, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks PoC - As a contributor, add a WP Map Block to a post/page - Click "Show more settings" - Scroll the sidebar and click "Map...
The vulnerability of the `__btrfs_map_block` function in Linux operating system kernels allows a hacker to trigger a service failure.
The vulnerability of the btrfsmapblock function in Linux operating systems is related to writing data beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to cause a service failure by performing operations on the mounted Btrfs file system image...
UBUNTU-CVE-2019-19816
In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image and performing some operations can cause slab-out-of-bounds write access in btrfsmapblock in fs/btrfs/volumes.c, because a value of 1 for the number of data stripes is mishandled...
PT-2019-4493 · Linux +2 · Linux Kernel +2
Name of the Vulnerable Software and Affected Versions: Linux kernel version 5.0.21 Description: The issue is related to a buffer overflow in the btrfs map block function of the Linux kernel, specifically when handling a crafted btrfs filesystem image with a certain configuration. This can lead to...