29 matches found
EUVD-2023-51949
Malicious code in bioql PyPI...
EUVD-2024-33759
Malicious code in bioql PyPI...
CVE-2024-9898
The Parallax Image plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's dd-parallax shortcode in all versions up to, and including, 1.8 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...
CVE-2024-11224
The Parallax Image plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘position’ parameter in all versions up to, and including, 1.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access...
CVE-2023-47854
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Howard Ehrenberg Parallax Image allows Stored XSS.This issue affects Parallax Image: from n/a through 1.7.1...
CVE-2024-11224
The Parallax Image plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘position’ parameter in all versions up to, and including, 1.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access...
CVE-2024-11224 Parallax Image <= 1.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via position Parameter
The Parallax Image plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘position’ parameter in all versions up to, and including, 1.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access...
CVE-2024-11224 Parallax Image <= 1.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via position Parameter
The Parallax Image plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘position’ parameter in all versions up to, and including, 1.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access...
WordPress Parallax Image plugin <= 1.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via position Parameter vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via position Parameter vulnerability discovered by Peter Thaleikis in WordPress Plugin Parallax Image versions = 1.9...
WordPress plugin Parallax Image 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
WordPress Parallax Image Plugin <= 1.9 is vulnerable to Cross Site Scripting (XSS)
Software Parallax Image Type Plugin Vulnerable versions = 1.9 Fixed in 1.9.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-11224 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 281f09cc2704 Credits Peter Thaleikis Required...
CVE-2024-9898
The Parallax Image plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's dd-parallax shortcode in all versions up to, and including, 1.8 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...
CVE-2024-9898
The Parallax Image plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's dd-parallax shortcode in all versions up to, and including, 1.8 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...
CVE-2024-9898
CVE-2024-9898 (Parallax Image, WordPress) is a stored XSS in the Parallax Image plugin for WordPress for versions 1.8, preferably 1.9+), and/or restricting the shortcode access to reduce exposure until updates are deployed.
WordPress Parallax Image plugin <= 1.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via dd-parallax Shortcode vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via dd-parallax Shortcode vulnerability discovered by Peter Thaleikis in WordPress Plugin Parallax Image versions = 1.8...
WordPress plugin Parallax Image 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
WordPress Parallax Image Plugin <= 1.8 is vulnerable to Cross Site Scripting (XSS)
Software Parallax Image Type Plugin Vulnerable versions = 1.8 Fixed in 1.9 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-9898 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 90e7358f506d Credits Peter Thaleikis Required...
PT-2024-39924 · WordPress · Parallax Image
Name of the Vulnerable Software and Affected Versions: Parallax Image plugin for WordPress version 1.8 and earlier Description: The issue arises from insufficient input sanitization and output escaping on user-supplied attributes in the plugin's dd-parallax shortcode, allowing authenticated...
CVE-2023-47854
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Howard Ehrenberg Parallax Image allows Stored XSS.This issue affects Parallax Image: from n/a through 1.7.1...
CVE-2023-47854
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Howard Ehrenberg Parallax Image allows Stored XSS.This issue affects Parallax Image: from n/a through 1.7.1...