CVE-2024-53561

A remote code execution RCE vulnerability in Arcadyan Meteor 2 CPE FG360 Firmware ETV2.10 allows attackers to execute arbitrary code via a crafted request...

CVE-2024-53563

A stored cross-site scripting XSS vulnerability in Arcadyan Meteor 2 CPE FG360 Firmware ETV2.10 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload...

CVE-2024-53563

A stored cross-site scripting XSS vulnerability in Arcadyan Meteor 2 CPE FG360 Firmware ETV2.10 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload...

CVE-2024-53563

The CVE-2024-53563 entry concerns Arcadyan Meteor 2 CPE FG360 Firmware ETV2.10, reporting a stored XSS vulnerability in the device’s web interface that allows an attacker to inject a crafted payload to execute arbitrary web scripts or HTML. The documents consistently identify the affected product...

CVE-2024-12073

The Meteor Slides plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'slideurlvalue' parameter in all versions up to, and including, 1.5.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level...

CVE-2024-12073

The Meteor Slides plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'slideurlvalue' parameter in all versions up to, and including, 1.5.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level...

CVE-2024-12073 Meteor Slides <= 1.5.7 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Meteor Slides plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'slideurlvalue' parameter in all versions up to, and including, 1.5.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level...

CVE-2024-12073 Meteor Slides <= 1.5.7 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Meteor Slides plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'slideurlvalue' parameter in all versions up to, and including, 1.5.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level...

CVE-2024-12073

CVE-2024-12073 affects the Meteor Slides WordPress plugin. The vulnerability is a Stored Cross-Site Scripting (XSS) in the slide_url_value parameter across all versions up to and including 1.5.7, arising from insufficient input sanitization and output escaping. Exploitation requires authenticatio...

WordPress plugin Meteor Slides 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

WordPress Meteor Slides plugin <= 1.5.7 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Brian Sans-Souci liardom in WordPress Plugin Meteor Slides versions = 1.5.7...

CVE-2024-52493

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Josh Leuze Meteor Slides allows Stored XSS.This issue affects Meteor Slides: from n/a through 1.5.7...

CVE-2024-52493

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Josh Leuze Meteor Slides meteor-slides allows Stored XSS.This issue affects Meteor Slides: from n/a through = 1.5.7...

CVE-2024-52493 WordPress Meteor Slides plugin <= 1.5.7 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Josh Leuze Meteor Slides meteor-slides allows Stored XSS.This issue affects Meteor Slides: from n/a through = 1.5.7...

CVE-2024-52493

CVE-2024-52493 is a stored XSS vulnerability in WordPress Meteor Slides up to version 1.5.7, arising from improper input neutralization during web page generation. Affected product: Meteor Slides (WordPress plugin). Impact and exploitability: authenticated attackers (administrators) could inject ...

CVE-2024-52493 WordPress Meteor Slides plugin <= 1.5.7 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Josh Leuze Meteor Slides allows Stored XSS.This issue affects Meteor Slides: from n/a through 1.5.7...

WordPress plugin Meteor Slides 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

PT-2024-35334 · Unknown · Meteor Slides

Name of the Vulnerable Software and Affected Versions: Meteor Slides versions 1.5.7 and earlier Description: The issue is related to improper neutralization of input during web page generation, which allows for Stored Cross-site Scripting XSS. This means that an attacker can inject malicious code...

WordPress Meteor Slides plugin <= 1.5.7 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by UKO Patchstack Alliance in WordPress Plugin Meteor Slides versions = 1.5.7...

WordPress Meteor Slides Plugin <= 1.5.7 is vulnerable to Cross Site Scripting (XSS)

Software Meteor Slides Type Plugin Vulnerable versions = 1.5.7 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-52493 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 8d382942f231 Credits UKO Required privilege Administrator...