Cross site request forgery (csrf)

flusity-CMS v2.33 was discovered to contain a Cross-Site Request Forgery CSRF via the component /core/tools/deletemenu.php...

flusity CMS Cross-Site Request Forgery Vulnerability

flusity CMS is a user interaction interface solution where code can be easily changed or added. A cross-site request forgery vulnerability exists in flusity CMS version v2.33, which stems from a cross-site request forgery CSRF vulnerability in component /core/tools/updatemenu.php...

flusity CMS Cross-Site Request Forgery Vulnerability

flusity CMS is a user interaction interface solution where code can be easily changed or added. A cross-site request forgery vulnerability exists in flusity CMS version v2.33, which stems from a cross-site request forgery CSRF vulnerability in component /core/tools/deletemenu.php...

Memory corruption

freeglut through 3.4.0 was discovered to contain a memory leak via the menuEntry variable in the glutAddMenuEntry function...

WordPress Admin Menu Editor Plugin <= 1.12 is vulnerable to Cross Site Request Forgery (CSRF)

Software Admin Menu Editor Type Plugin Vulnerable versions = 1.12 Fixed in 1.12.1 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-24876 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 49e5e1a0e68c Credits Dhabaleshwar Das...

PT-2024-20434 · Unknown · Flusity-Cms

Name of the Vulnerable Software and Affected Versions: flusity-CMS version 2.33 Description: A Cross Site Request Forgery CSRF issue allows remote attackers to execute arbitrary code via the add menu.php component. This enables attackers to perform unauthorized actions on behalf of a legitimate...

CVE-2023-51548

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Neil Gee SlickNav Mobile Menu allows Stored XSS.This issue affects SlickNav Mobile Menu: from n/a through 1.9.2...

CVE-2023-51548

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Neil Gee SlickNav Mobile Menu allows Stored XSS.This issue affects SlickNav Mobile Menu: from n/a through 1.9.2...

Cross site scripting

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Neil Gee SlickNav Mobile Menu allows Stored XSS.This issue affects SlickNav Mobile Menu: from n/a through 1.9.2...

CVE-2023-51548

CVE-2023-51548 concerns the WordPress plugin SlickNav Mobile Menu. The vulnerability is an Stored Cross-Site Scripting (XSS) due to improper neutralization of input during web page generation, allowing injected scripts to be stored and executed in pages viewed by users. Affected versions are Slic...

CVE-2023-51548 WordPress SlickNav Mobile Menu Plugin <= 1.9.2 is vulnerable to Cross Site Scripting (XSS)

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Neil Gee SlickNav Mobile Menu allows Stored XSS.This issue affects SlickNav Mobile Menu: from n/a through 1.9.2...

WordPress plugin SlickNav Mobile Menu cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...

PT-2024-14198 · Unknown · Slicknav Mobile Menu

Name of the Vulnerable Software and Affected Versions: SlickNav Mobile Menu versions 1.9.2 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means that an attacker can...

Exploit for CVE-2024-22890

CVE List CVE-2024-22890: My e-Diary App - Cross-Site-Script...

CVE-2024-24134

Sourcecodester Online Food Menu 1.0 is vulnerable to Cross Site Scripting XSS via the 'Menu Name' and 'Description' fields in the Update Menu section...

CVE-2024-24134

Sourcecodester Online Food Menu 1.0 is vulnerable to Cross Site Scripting XSS via the 'Menu Name' and 'Description' fields in the Update Menu section...

Cross site scripting

Sourcecodester Online Food Menu 1.0 is vulnerable to Cross Site Scripting XSS via the 'Menu Name' and 'Description' fields in the Update Menu section...

CVE-2023-7074

The WP SOCIAL BOOKMARK MENU WordPress plugin through 1.2 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...

CVE-2023-7074 WP Social Bookmark Menu <= 1.2 - Settings Update via CSRF

The WP SOCIAL BOOKMARK MENU WordPress plugin through 1.2 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...

CVE-2023-7074

The CVE refers to WP Social Bookmark Menu