20 matches found
EUVD-2014-3143
Malware in sbrugna...
EUVD-2022-25239
Malicious code in bioql PyPI...
CVE-2022-1971
The NextCellent Gallery WordPress plugin through 1.9.35 does not sanitise and escape some of its image settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfilteredhtml capability is disallowed for example in multisite setup...
WordPress NextCellent Gallery plugin跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin. WordPress NextCellent Gallery plugin 1.9.35 and its previous versions are vulnerable to a cross-site scriptin...
CVE-2022-1971
The NextCellent Gallery WordPress plugin through 1.9.35 does not sanitise and escape some of its image settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfilteredhtml capability is disallowed for example in multisite setup...
CVE-2022-1971
The NextCellent Gallery WordPress plugin through 1.9.35 does not sanitise and escape some of its image settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfilteredhtml capability is disallowed for example in multisite setup...
CVE-2022-1971
The NextCellent Gallery WordPress plugin through 1.9.35 does not sanitise and escape some of its image settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfilteredhtml capability is disallowed for example in multisite setup...
CVE-2022-1971 NextCellent Gallery <= 1.9.35 - Admin+ Stored XSS
The NextCellent Gallery WordPress plugin through 1.9.35 does not sanitise and escape some of its image settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfilteredhtml capability is disallowed for example in multisite setup...
CVE-2022-1971
CVE-2022-1971 concerns the NextCellent Gallery WordPress plugin (
WordPress plugin NextCellent Gallery 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin. WordPress NextCellent Gallery plugin 1.9.35 and its previous versions are vulnerable to a cross-site scriptin...
NextCellent Gallery <= 1.9.35 - Admin+ Stored XSS
The plugin does not sanitise and escape some of its image settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfilteredhtml capability is disallowed for example in multisite setup Create/edit a gallery with at least one image, pu...
WordPress NextCellent Gallery plugin <= 1.9.35 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability
Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by lucy in WordPress NextCellent Gallery plugin versions = 1.9.35. Solution Deactivate and delete. This plugin has been closed as of June 1, 2022 and is not available for download. This closure is temporary, pending a full...
NextCellent Gallery <= 1.9.35 - Admin+ Stored XSS
The plugin does not sanitise and escape some of its image settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfilteredhtml capability is disallowed for example in multisite setup PoC Create/edit a gallery with at least one image...
NextCellent Gallery < 1.9.18 - Multiple Stored XSS
The NextCellent Gallery – NextGEN Legacy WordPress plugin was affected by a Multiple Stored XSS security vulnerability...
WordPress NextCellent Gallery Plugin <= 1.9.13 - Stored XSS
Because of this vulnerability, the attackers can inject arbitrary JavaScript or HTML code. Solution Update the plugin...
CVE-2014-3123
Cross-site scripting XSS vulnerability in admin/manage-images.php in the NextCellent Gallery plugin before 1.19.18 for WordPress allows remote authenticated users with the NextGEN Upload images, NextGEN Manage gallery, or NextGEN Manage others gallery permission to inject arbitrary web script or...
Cross site scripting
Cross-site scripting XSS vulnerability in admin/manage-images.php in the NextCellent Gallery plugin before 1.19.18 for WordPress allows remote authenticated users with the NextGEN Upload images, NextGEN Manage gallery, or NextGEN Manage others gallery permission to inject arbitrary web script or...
CVE-2014-3123
Cross-site scripting XSS vulnerability in admin/manage-images.php in the NextCellent Gallery plugin before 1.19.18 for WordPress allows remote authenticated users with the NextGEN Upload images, NextGEN Manage gallery, or NextGEN Manage others gallery permission to inject arbitrary web script or...
CVE-2014-3123
The CVE-2014-3123 entry describes a Cross-site Scripting (XSS) vulnerability in the NextCellent Gallery WordPress plugin. The issue resides in admin/manage-images.php and affects versions before 1.19.18, allowing remote authenticated users who have NextGEN Upload images, NextGEN Manage gallery, o...
WordPress NextCellent Gallery Plugin <= 1.19.17 - XSS
Because of this vulnerability in admin/manage-images.php, authenticated users can inject arbitrary web script or HTML via the "Alt & Title Text" field. Solution Update the plugin...