3948 matches found
PHPJabbers Event Booking Calendar 4.0 Cross Site Scripting / HTML Injection
Exploit Title: PHPJabbers Event Booking Calendar v4.0 - Multiple Stored XSS Date: 19/12/2023 Exploit Author: BugsBD Limited Discover by: Rahad Chowdhury Vendor Homepage: https://www.phpjabbers.com/ Software Link: https://www.phpjabbers.com/event-booking-calendar/sectionDemo Version: v4.0 Tested o...
CVE-2023-48730
A cross-site scripting xss vulnerability exists in the navbarMenuAndLogo.php user name functionality of WWBN AVideo dev master commit 15fed957fb. A specially crafted HTTP request can lead to arbitrary Javascript execution. An attacker can get a user to visit a webpage to trigger this vulnerabilit...
Cross site scripting
A cross-site scripting xss vulnerability exists in the navbarMenuAndLogo.php user name functionality of WWBN AVideo dev master commit 15fed957fb. A specially crafted HTTP request can lead to arbitrary Javascript execution. An attacker can get a user to visit a webpage to trigger this vulnerabilit...
WordPress WP Social Bookmark Menu Plugin <= 1.2 is vulnerable to Cross Site Request Forgery (CSRF)
Software WP Social Bookmark Menu Type Plugin Vulnerable versions = 1.2 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-7074 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID ca5c286b56c4 Credits Daniel Ruf...
CVE-2023-51673
Cross-Site Request Forgery CSRF vulnerability in Designful Stylish Price List – Price Table Builder & QR Code Restaurant Menu.This issue affects Stylish Price List – Price Table Builder & QR Code Restaurant Menu: from n/a through 7.0.17...
CVE-2023-51673
Cross-Site Request Forgery CSRF vulnerability in Designful Stylish Price List – Price Table Builder & QR Code Restaurant Menu.This issue affects Stylish Price List – Price Table Builder & QR Code Restaurant Menu: from n/a through 7.0.17...
Cross site request forgery (csrf)
Cross-Site Request Forgery CSRF vulnerability in Designful Stylish Price List – Price Table Builder & QR Code Restaurant Menu.This issue affects Stylish Price List – Price Table Builder & QR Code Restaurant Menu: from n/a through 7.0.17...
CVE-2023-51673
CVE-2023-51673 concerns Cross-Site Request Forgery in the Stylish Price List – Price Table Builder & QR Code Restaurant Menu WordPress plugin (affected: from n/a through 7.0.17). The issue is a CSRF flaw (no details on exploit path beyond CSRF) that could enable unauthorized actions by a logged-i...
CVE-2023-51673 WordPress Stylish Price List Plugin <= 7.0.17 is vulnerable to Broken Access Control
Cross-Site Request Forgery CSRF vulnerability in Designful Stylish Price List – Price Table Builder & QR Code Restaurant Menu.This issue affects Stylish Price List – Price Table Builder & QR Code Restaurant Menu: from n/a through 7.0.17...
SlickNav Mobile Menu < 1.9.3 - Authenticated (Admin+) Stored Cross-Site Scripting
Description The SlickNav Mobile Menu plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.9.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
WordPress SlickNav Mobile Menu Plugin <= 1.9.2 is vulnerable to Cross Site Scripting (XSS)
Software SlickNav Mobile Menu Type Plugin Vulnerable versions = 1.9.2 Fixed in 1.9.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-51548 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID f9f71fa8ec0f Credits Mika Required privilege...
PT-2023-10177 · Bestwebsoft · Bestwebsoft Portfolio Plugin
Name of the Vulnerable Software and Affected Versions: BestWebSoft Portfolio Plugin versions up to 2.27 Description: A vulnerability was found in the BestWebSoft Portfolio Plugin, affecting the function bws add menu render of the file bws menu/bws menu.php. The manipulation of the argument bwsmn...
CVE-2023-50834
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in August Infotech WooCommerce Menu Extension allows Stored XSS.This issue affects WooCommerce Menu Extension: from n/a through 1.6.2...
CVE-2023-50834
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in August Infotech WooCommerce Menu Extension allows Stored XSS.This issue affects WooCommerce Menu Extension: from n/a through 1.6.2...
Cross site scripting
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in August Infotech WooCommerce Menu Extension allows Stored XSS.This issue affects WooCommerce Menu Extension: from n/a through 1.6.2...
CVE-2023-50834 WordPress WooCommerce Menu Extension Plugin <= 1.6.2 is vulnerable to Cross Site Scripting (XSS)
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in August Infotech WooCommerce Menu Extension allows Stored XSS.This issue affects WooCommerce Menu Extension: from n/a through 1.6.2...
CVE-2023-50834
CVE-2023-50834 : Stored Cross-Site Scripting in WooCommerce Menu Extension (Affected: WooCommerce Menu Extension
CVE-2023-50826
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Freshlight Lab Menu Image, Icons made easy allows Stored XSS.This issue affects Menu Image, Icons made easy: from n/a through 3.10...
CVE-2023-50826
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Freshlight Lab Menu Image, Icons made easy allows Stored XSS.This issue affects Menu Image, Icons made easy: from n/a through 3.10...
Cross site scripting
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Freshlight Lab Menu Image, Icons made easy allows Stored XSS.This issue affects Menu Image, Icons made easy: from n/a through 3.10...