3985 matches found
WordPress WP Social Bookmark Menu Plugin <= 1.2 is vulnerable to Cross Site Request Forgery (CSRF)
Software WP Social Bookmark Menu Type Plugin Vulnerable versions = 1.2 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-7074 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID ca5c286b56c4 Credits Daniel Ruf...
CVE-2023-51673
Cross-Site Request Forgery CSRF vulnerability in Designful Stylish Price List – Price Table Builder & QR Code Restaurant Menu.This issue affects Stylish Price List – Price Table Builder & QR Code Restaurant Menu: from n/a through 7.0.17...
CVE-2023-51673
Cross-Site Request Forgery CSRF vulnerability in Designful Stylish Price List – Price Table Builder & QR Code Restaurant Menu.This issue affects Stylish Price List – Price Table Builder & QR Code Restaurant Menu: from n/a through 7.0.17...
Cross site request forgery (csrf)
Cross-Site Request Forgery CSRF vulnerability in Designful Stylish Price List – Price Table Builder & QR Code Restaurant Menu.This issue affects Stylish Price List – Price Table Builder & QR Code Restaurant Menu: from n/a through 7.0.17...
CVE-2023-51673 WordPress Stylish Price List Plugin <= 7.0.17 is vulnerable to Broken Access Control
Cross-Site Request Forgery CSRF vulnerability in Designful Stylish Price List – Price Table Builder & QR Code Restaurant Menu.This issue affects Stylish Price List – Price Table Builder & QR Code Restaurant Menu: from n/a through 7.0.17...
CVE-2023-51673
CVE-2023-51673 concerns Cross-Site Request Forgery in the Stylish Price List – Price Table Builder & QR Code Restaurant Menu WordPress plugin (affected: from n/a through 7.0.17). The issue is a CSRF flaw (no details on exploit path beyond CSRF) that could enable unauthorized actions by a logged-i...
SlickNav Mobile Menu < 1.9.3 - Authenticated (Admin+) Stored Cross-Site Scripting
Description The SlickNav Mobile Menu plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.9.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
WordPress SlickNav Mobile Menu Plugin <= 1.9.2 is vulnerable to Cross Site Scripting (XSS)
Software SlickNav Mobile Menu Type Plugin Vulnerable versions = 1.9.2 Fixed in 1.9.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-51548 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID f9f71fa8ec0f Credits Mika Required privilege...
PT-2023-10177 · Bestwebsoft · Bestwebsoft Portfolio Plugin
Name of the Vulnerable Software and Affected Versions: BestWebSoft Portfolio Plugin versions up to 2.27 Description: A vulnerability was found in the BestWebSoft Portfolio Plugin, affecting the function bws add menu render of the file bws menu/bws menu.php. The manipulation of the argument bwsmn...
CVE-2023-50834
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in August Infotech WooCommerce Menu Extension allows Stored XSS.This issue affects WooCommerce Menu Extension: from n/a through 1.6.2...
CVE-2023-50834
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in August Infotech WooCommerce Menu Extension allows Stored XSS.This issue affects WooCommerce Menu Extension: from n/a through 1.6.2...
Cross site scripting
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in August Infotech WooCommerce Menu Extension allows Stored XSS.This issue affects WooCommerce Menu Extension: from n/a through 1.6.2...
CVE-2023-50834
CVE-2023-50834 : Stored Cross-Site Scripting in WooCommerce Menu Extension (Affected: WooCommerce Menu Extension
CVE-2023-50834 WordPress WooCommerce Menu Extension Plugin <= 1.6.2 is vulnerable to Cross Site Scripting (XSS)
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in August Infotech WooCommerce Menu Extension allows Stored XSS.This issue affects WooCommerce Menu Extension: from n/a through 1.6.2...
CVE-2023-50826
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Freshlight Lab Menu Image, Icons made easy allows Stored XSS.This issue affects Menu Image, Icons made easy: from n/a through 3.10...
CVE-2023-50826
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Freshlight Lab Menu Image, Icons made easy allows Stored XSS.This issue affects Menu Image, Icons made easy: from n/a through 3.10...
Cross site scripting
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Freshlight Lab Menu Image, Icons made easy allows Stored XSS.This issue affects Menu Image, Icons made easy: from n/a through 3.10...
CVE-2023-50826
CVE-2023-50826 : Stored XSS in the WordPress plugin Menu Image, Icons made easy (affected through 3.10). The vulnerability is described as an input handling issue during web page generation (XSS) and is currently listed as Unpatched per the connected documents; patch/update availability is not pr...
CVE-2023-50826 WordPress Menu Image, Icons made easy Plugin <= 3.10 is vulnerable to Cross Site Scripting (XSS)
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Freshlight Lab Menu Image, Icons made easy allows Stored XSS.This issue affects Menu Image, Icons made easy: from n/a through 3.10...
CVE-2023-7047
Inadequate validation of permissions when employing remote tools and macros via the context menu within Devolutions Remote Desktop Manager versions 2023.3.31 and earlier permits a user to initiate a connection without proper execution rights via the remote tools feature. This affects only SQL dat...