WordPress Open Graph Plugin <= 1.11.2 is vulnerable to Sensitive Data Exposure

Software Open Graph Type Plugin Vulnerable versions = 1.11.2 Fixed in 1.11.3 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2024-5615 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 6f80c0f253be Credits Krzysztof Zając Required...

WordPress plugin Open Graph security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

Open Graph < 1.11.3 - Unauthenticated Sensitive Information Exposure

Description The Open Graph plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.11.2 via the 'opengraphdefaultdescription' function. This makes it possible for unauthenticated attackers to extract sensitive data including partial content of...

PT-2024-22926 · Boldgrid · Boldgrid Easy Seo

Name of the Vulnerable Software and Affected Versions: The BoldGrid Easy SEO plugin for WordPress versions up to, and including, 1.6.14 Description: The issue allows unauthenticated attackers to view the first 130 characters of a password-protected post, which can contain sensitive information, v...

BIT-LIFERAY-2022-26597

Cross-site scripting XSS vulnerability in the Layout module's Open Graph integration in Liferay Portal 7.3.0 through 7.4.0, and Liferay DXP 7.3 before service pack 3 allows remote attackers to inject arbitrary web script or HTML via the site name...

WWBN AVideo Cross-Site Scripting Vulnerability

WWBN AVideo is a video platform builder written in PHP by the WWBN team. A cross-site scripting vulnerability exists in WWBN AVideo, which stems from a cross-site scripting xss vulnerability in the functiongetOpenGraph videoName method...

CVE-2023-46191

Cross-Site Request Forgery CSRF vulnerability in Niels van Renselaar Open Graph Metabox plugin = 1.4.4 versions...

CVE-2023-46191

Cross-Site Request Forgery CSRF vulnerability in Niels van Renselaar Open Graph Metabox plugin = 1.4.4 versions...

WordPress Plugin Open Graph Metabox Cross-Site Request Forgery Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...

CVE-2023-46191 WordPress Open Graph Metabox Plugin <= 1.4.4 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in Niels van Renselaar Open Graph Metabox plugin = 1.4.4 versions...

CVE-2023-46191 WordPress Open Graph Metabox Plugin <= 1.4.4 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in Niels van Renselaar Open Graph Metabox plugin = 1.4.4 versions...

CVE-2023-46191

The CVE-2023-46191 entry concerns a CSRF vulnerability in the Open Graph Metabox WordPress plugin, affecting versions

PT-2023-29892 · Niels Van Renselaar · Open Graph Metabox Plugin

Name of the Vulnerable Software and Affected Versions: Niels van Renselaar Open Graph Metabox plugin versions = 1.4.4 Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability. This type of vulnerability allows an attacker to trick a user into performing unintended...

WordPress Open Graph Metabox Plugin <= 1.4.4 is vulnerable to Cross Site Request Forgery (CSRF)

Software Open Graph Metabox Type Plugin Vulnerable versions = 1.4.4 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-46191 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 7aa3a95b4491 Credits LEE SE HYOUNG...

CVE-2023-45010

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Alex MacArthur Complete Open Graph plugin = 3.4.5 versions...

CVE-2023-45010

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Alex MacArthur Complete Open Graph plugin = 3.4.5 versions...

Cross site scripting

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Alex MacArthur Complete Open Graph plugin = 3.4.5 versions...

CVE-2023-45010 WordPress Complete Open Graph Plugin <= 3.4.5 is vulnerable to Cross Site Scripting (XSS)

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Alex MacArthur Complete Open Graph plugin = 3.4.5 versions...

CVE-2023-45010 WordPress Complete Open Graph Plugin <= 3.4.5 is vulnerable to Cross Site Scripting (XSS)

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Alex MacArthur Complete Open Graph plugin = 3.4.5 versions...

CVE-2023-45010

CVE-2023-45010 – WordPress Complete Open Graph Plugin ≤ 3.4.5 is vulnerable to admin+ Stored XSS. Root cause: insufficient input validation/escaping in plugin parameters, enabling stored XSS. Multiple connected sources (NVD, Red Hat, WP/distro feeds) confirm the vulnerability and affected version...