WordPress Powerkit Plugin <= 2.9.1 is vulnerable to Cross Site Scripting (XSS)

Software Powerkit Type Plugin Vulnerable versions = 2.9.1 Fixed in 2.9.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-2458 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 5e0fc29651eb Credits Francesco Carlucci Required...

WordPress Plugin Powerkit 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

PT-2024-20467 · WordPress · The Powerkit – Supercharge Your Wordpress Site

Name of the Vulnerable Software and Affected Versions: The Powerkit – Supercharge your WordPress Site plugin versions up to, and including, 2.9.1 Description: The issue is related to Stored Cross-Site Scripting via the plugin's shortcodes due to insufficient input sanitization and output escaping...

WordPress Powerkit plugin <= 2.5.8 - Post Views Settings Update/Reset via Cross-Site Request Forgery (CSRF) vulnerability

Post Views Settings Update/Reset via Cross-Site Request Forgery CSRF vulnerability discovered by Jan w Oleju in WordPress Powerkit plugin versions = 2.5.8. Solution Update the WordPress Powerkit plugin to the latest available version at least 2.5.9...