6 matches found
CVE-2024-4430
The Beaver Builder – WordPress Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the photo widget crop attribute in all versions up to, and including, 2.8.1.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...
WordPress Beaver Builder plugin <= 2.8.1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via photo widget crop attribute vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via photo widget crop attribute vulnerability discovered by Thanh Nam Tran in WordPress Plugin Beaver Builder versions = 2.8.1.2...
Beaver Builder < 2.8.1.3 - Contributor+ Stored Cross-Site Scripting via photo widget crop attribute
Description The Beaver Builder – WordPress Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the photo widget crop attribute in all versions up to, and including, 2.8.1.2 due to insufficient input sanitization and output escaping. This makes it possible for...
HTB22960: XSS in Daily Maui Photo Widget wordpress plugin
Vulnerability ID: HTB22960 Reference: http://www.htbridge.ch/advisory/xssindailymauiphotowidgetwordpressplugin.html Product: Daily Maui Photo Widget wordpress plugin Vendor: Kris Nelson http://www.webnelly.com/ Vulnerable Version: 0.2 Vendor Notification: 14 April 2011 Vulnerability Type: XSS Cro...
WordPress Plugin Daily Maui Photo Widget 0.2 - Multiple Cross-Site Scripting Vulnerabilities
WordPress Plugin Daily Maui Photo Widget 0.2 - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/47620/info The Daily Maui Photo Widget plugin for WordPress is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize...
WordPress Plugin Daily Maui Photo Widget 0.2 - Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/47620/info The Daily Maui Photo Widget plugin for WordPress is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the...