114 matches found
CVE-2015-10090 Landing Pages Plugin cross site scripting
A vulnerability, which was classified as problematic, has been found in Landing Pages Plugin up to 1.8.7 on WordPress. Affected by this issue is some unknown functionality. The manipulation leads to cross site scripting. The attack may be launched remotely. Upgrading to version 1.8.8 is able to...
CVE-2015-10090 Landing Pages Plugin cross site scripting
A vulnerability, which was classified as problematic, has been found in Landing Pages Plugin up to 1.8.7 on WordPress. Affected by this issue is some unknown functionality. The manipulation leads to cross site scripting. The attack may be launched remotely. Upgrading to version 1.8.8 is able to...
PT-2023-10269 · Unknown · Landing Pages Plugin
Name of the Vulnerable Software and Affected Versions: Landing Pages Plugin versions up to 1.8.7 Description: A problematic issue has been found in the Landing Pages Plugin, affecting some unknown functionality. This issue leads to cross-site scripting and can be exploited remotely...
CVE-2022-4483 Insert Pages < 3.7.5 - Contributor+ Stored XSS
The Insert Pages WordPress plugin before 3.7.5 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege...
PT-2023-14558 · WordPress · Insert Pages
Name of the Vulnerable Software and Affected Versions: Insert Pages WordPress plugin versions prior to 3.7.5 Description: The issue allows users with a role as low as contributor to perform Stored Cross-Site Scripting attacks, which could be used against high privilege users such as admins. This ...
CVE-2022-36341
Authenticated subscriber+ plugin settings change leading to Stored Cross-Site Scripting XSS vulnerability in Akash soni's AS – Create Pinterest Pinboard Pages plugin = 1.0 at WordPress...
WordPress Nested Pages plugin跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin. WordPress Nested Pages plugin version prior to 3.1.21 has a cross-site scripting vulnerability that...
PT-2022-14242 · WordPress · Nested Pages
Name of the Vulnerable Software and Affected Versions: Nested Pages WordPress plugin versions prior to 3.1.21 Description: The issue allows high privilege users to perform Stored Cross-Site Scripting attacks when the unfiltered html is disallowed, due to the plugin not escaping and sanitizing som...
Cross site scripting
Authenticated admin+ Stored Cross-Site Scripting XSS vulnerability discovered in AMP for WP – Accelerated Mobile Pages plugin = 1.0.77.31 versions...
WordPress Widgets on Pages plugin <= 1.5.0 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability
Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress Widgets on Pages plugin versions = 1.5.0. Solution Update the WordPress Widgets on Pages plugin to the latest available version at least 1.6.0...
CVE-2021-24851
The Insert Pages WordPress plugin before 3.7.0 allows users with a role as low as Contributor to access content and metadata from arbitrary posts/pages regardless of their author and status ie private, using a shortcode. Password protected posts/pages are not affected by such issue...
WordPress 跨站脚本漏洞
WordPress is a set of blogging platforms developed by the WordPress Foundation using the PHP language. The platform supports the hosting of personal blogging sites on servers with PHP and MySQL. WordPress Insert Pages plugin has a cross-site scripting vulnerability in versions prior to 3.7.0, whi...
WordPress 安全漏洞
WordPress is a set of blogging platforms developed using the PHP language by the WordPress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. An authorization issue vulnerability exists in the WordPress Insert Pages plugin in versions prior to 3.7.0,...
CVE-2021-38343
The Nested Pages WordPress plugin = 3.1.15 was vulnerable to an Open Redirect via the page POST parameter in the npBulkActions, npBulkEdit, npListingSort, and npCategoryFilter adminpost actions...
CVE-2021-38342
The Nested Pages WordPress plugin = 3.1.15 was vulnerable to Cross-Site Request Forgery via the npBulkActions and npBulkEdit adminpost actions, which allowed attackers to trash or permanently purge arbitrary posts as well as changing their status, reassigning their ownership, and editing other...
Directory traversal
The insert-pages plugin before 3.2.4 for WordPress has directory traversal via custom template paths...
CVE-2018-19498
The Simplenia Pages plugin 2.6.0 for Atlassian Bitbucket Server has XSS...
CVE-2018-19498
The Simplenia Pages plugin 2.6.0 for Atlassian Bitbucket Server has XSS...
Cross site scripting
The Simplenia Pages plugin 2.6.0 for Atlassian Bitbucket Server has XSS...
CVE-2018-19498
The CVE-2018-19498 entry concerns the Pages for Bitbucket Server plugin (Simplenia Pages) version 2.6.0 and earlier for Atlassian Bitbucket Server, vulnerable to Cross-Site Scripting (CWE-79). The advisory SYSS-2018-037 (PacketStorm/SySS) shows affected versions up to 2.6.0, with a fix implemente...