3948 matches found
mooSocial Cross-Site Scripting Vulnerability
mooSocial is a multi-platform, mobile-ready, user-friendly script from mooSocial, Inc. for building community-driven content sharing and social networking sites. A cross-site scripting vulnerability exists in mooSocial Software versions 3.1.6 and 3.1.7, which stems from a vulnerability that allow...
KaliPackergeManager - Kali Packerge Manager
kalipm.sh is a powerful package management tool for Kali Linux that provides a user-friendly menu-based interface to simplify the installation of various packages and tools. It streamlines the process of managing software and enables users to effortlessly install packages from different categorie...
CVE-2023-4890 JQuery Accordion Menu Widget <= 3.1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
The JQuery Accordion Menu Widget plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'dcwp-jquery-accordion' shortcode in versions up to, and including, 3.1.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2023-4890
CVE-2023-4890 affects the JQuery Accordion Menu Widget for WordPress (WordPress plugin) up to version 3.1.2, enabling Stored XSS via the dcwp-jquery-accordion shortcode. The vulnerability arises from insufficient input sanitization and output escaping of user-supplied attributes. Exploitation req...
WordPress Plugin JQuery Accordion Menu Widget Cross Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
WordPress JQuery Accordion Menu Widget Plugin <= 3.1.2 is vulnerable to Cross Site Scripting (XSS)
Software JQuery Accordion Menu Widget Type Plugin Vulnerable versions = 3.1.2 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-4890 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 4715a521c168 Credits Lana Codes...
Design/Logic Flaw
The Duplicate Post Page Menu & Custom Post Type plugin for WordPress is vulnerable to unauthorized page and post duplication due to a missing capability check on the duplicateppmcpostasdraft function in versions up to, and including, 2.3.1. This makes it possible for authenticated attackers with...
CVE-2023-4792
The CVE-2023-4792 entry describes a vulnerability in the WordPress plugin Duplicate Post Page Menu & Custom Post Type where a missing capability check in the function duplicate_ppmc_post_as_draft allows authenticated users with subscriber access or higher to duplicate posts/pages. Affected versio...
FSLogix | Blank Desktop icons and start menu icons are being displayed
When launching published desktops using FSLogix profiles, we observe that the desktop icons are displayed with a blank icon. When trying to open start menu within the published desktop session, we observe blank icons for the start menu tiles...
CVE-2023-33929
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Joaquín Ruiz Easy Admin Menu plugin = 1.3 versions...
CVE-2023-33929
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Joaquín Ruiz Easy Admin Menu plugin = 1.3 versions...
Cross site scripting
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Joaquín Ruiz Easy Admin Menu plugin = 1.3 versions...
CVE-2023-33929 WordPress Easy Admin Menu Plugin <= 1.3 is vulnerable to Cross Site Scripting (XSS)
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Joaquín Ruiz Easy Admin Menu plugin = 1.3 versions...
CVE-2023-33929
CVE-2023-33929 : A stored Cross-Site Scripting (XSS) vulnerability exists in the WordPress plugin Easy Admin Menu by Joaquín Ruiz, affecting versions 1.3 or apply vendor-provided mitigation if available. If upgrading is not possible, monitor for updates from the plugin vendor and affected sites.
WordPress plugin easy-admin-menu 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
CVE-2023-39578
A stored cross-site scripting XSS vulnerability in the Create function of Zenario CMS v9.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Menu navigation text field...
CVE-2023-39578
A stored cross-site scripting XSS vulnerability in the Create function of Zenario CMS v9.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Menu navigation text field...
CVE-2023-39578
A stored cross-site scripting XSS vulnerability in the Create function of Zenario CMS v9.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Menu navigation text field...
CVE-2023-39578
A stored cross-site scripting XSS vulnerability in the Create function of Zenario CMS v9.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Menu navigation text field...
CVE-2023-39578
A stored cross-site scripting XSS vulnerability in the Create function of Zenario CMS v9.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Menu navigation text field...