CVE-2023-50826

CVE-2023-50826 : Stored XSS in the WordPress plugin Menu Image, Icons made easy (affected through 3.10). The vulnerability is described as an input handling issue during web page generation (XSS) and is currently listed as Unpatched per the connected documents; patch/update availability is not pr...

CVE-2023-50826 WordPress Menu Image, Icons made easy Plugin <= 3.10 is vulnerable to Cross Site Scripting (XSS)

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Freshlight Lab Menu Image, Icons made easy allows Stored XSS.This issue affects Menu Image, Icons made easy: from n/a through 3.10...

CVE-2023-7047

Inadequate validation of permissions when employing remote tools and macros via the context menu within Devolutions Remote Desktop Manager versions 2023.3.31 and earlier permits a user to initiate a connection without proper execution rights via the remote tools feature. This affects only SQL dat...

WordPress plugin Menu Image, Icons made easy Cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. WordPress plugin Menu Image, Icons made eas...

PT-2023-31657 · Unknown · Freshlight Lab Menu Image

Name of the Vulnerable Software and Affected Versions: Freshlight Lab Menu Image, Icons made easy versions n/a through 3.10 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting. This allows for Stored XSS, which means...

WordPress plugin WooCommerce Menu Extension cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...

PT-2023-32850 · Devolutions · Devolutions Remote Desktop Manager

Name of the Vulnerable Software and Affected Versions: Devolutions Remote Desktop Manager versions 2023.3.31 and earlier Description: The issue is related to inadequate validation of permissions when using remote tools and macros via the context menu. This allows a user to initiate a connection...

PT-2023-31665 · WordPress · Woocommerce Menu Extension

Name of the Vulnerable Software and Affected Versions: WooCommerce Menu Extension versions 1.6.2 and earlier Description: The issue is related to improper neutralization of input during web page generation, which leads to a Stored XSS vulnerability. This allows for the storage of malicious script...

WordPress WooCommerce Menu Extension Plugin <= 1.6.2 is vulnerable to Cross Site Scripting (XSS)

Software WooCommerce Menu Extension Type Plugin Vulnerable versions = 1.6.2 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-50834 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID c62235030fda Credits Ray Wilson Required privilege...

WordPress Menu Image, Icons made easy Plugin <= 3.10 is vulnerable to Cross Site Scripting (XSS)

Software Menu Image, Icons made easy Type Plugin Vulnerable versions = 3.10 Fixed in 3.11 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-50826 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID e7ae4a05a16b Credits emad Required privilege...

CVE-2023-49855

Cross-Site Request Forgery CSRF vulnerability in BinaryCarpenter Menu Bar Cart Icon For WooCommerce By Binary Carpenter.This issue affects Menu Bar Cart Icon For WooCommerce By Binary Carpenter: from n/a through 1.49.3...

CVE-2023-49855

Cross-Site Request Forgery CSRF vulnerability in BinaryCarpenter Menu Bar Cart Icon For WooCommerce By Binary Carpenter.This issue affects Menu Bar Cart Icon For WooCommerce By Binary Carpenter: from n/a through 1.49.3...

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in BinaryCarpenter Menu Bar Cart Icon For WooCommerce By Binary Carpenter.This issue affects Menu Bar Cart Icon For WooCommerce By Binary Carpenter: from n/a through 1.49.3...

CVE-2023-49855 WordPress BC Menu Bar Cart Icon For WooCommerce By Binary Carpenter Plugin <= 1.49.3 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in BinaryCarpenter Menu Bar Cart Icon For WooCommerce By Binary Carpenter.This issue affects Menu Bar Cart Icon For WooCommerce By Binary Carpenter: from n/a through 1.49.3...

CVE-2023-49855

CSRF vulnerability in BinaryCarpenter’s Menu Bar Cart Icon For WooCommerce (plugin by Binary Carpenter) affects versions up to 1.49.3. Root cause per CVE records: missing nonce validation enabling unauthenticated forged requests. Impact can include unauthorized actions on affected WordPress sites...

CVE-2023-49855 WordPress BC Menu Bar Cart Icon For WooCommerce By Binary Carpenter Plugin <= 1.49.3 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in BinaryCarpenter Menu Bar Cart Icon For WooCommerce By Binary Carpenter.This issue affects Menu Bar Cart Icon For WooCommerce By Binary Carpenter: from n/a through 1.49.3...

WordPress Plugin Menu Bar Cart Icon For WooCommerce By Binary Carpenter Cross-Site Request Forgery Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...

FreeBSD : chromium -- multiple security fixes (4405e9ad-97fe-11ee-86bb-a8a1599412c6)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 4405e9ad-97fe-11ee-86bb-a8a1599412c6 advisory. - Use after free in Media Stream in Google Chrome prior to 120.0.6099.62 allowed a remote...

DEBIAN-CVE-2023-6512

Inappropriate implementation in Web Browser UI in Google Chrome prior to 120.0.6099.62 allowed a remote attacker to potentially spoof the contents of an iframe dialog context menu via a crafted HTML page. Chromium security severity: Low...

Design/Logic Flaw

Inappropriate implementation in Web Browser UI in Google Chrome prior to 120.0.6099.62 allowed a remote attacker to potentially spoof the contents of an iframe dialog context menu via a crafted HTML page. Chromium security severity: Low...