30 matches found
CVE-2022-0210 Random Banner <= 4.1.4 Admin+ Stored Cross-Site Scripting
The Random Banner WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient escaping via the category parameter found in the /include/models/model.php file which allowed attackers with administrative user access to inject arbitrary web scripts, in versions up to and...
CVE-2022-0210 Random Banner <= 4.1.4 Admin+ Stored Cross-Site Scripting
The Random Banner WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient escaping via the category parameter found in the /include/models/model.php file which allowed attackers with administrative user access to inject arbitrary web scripts, in versions up to and...
CVE-2022-0210
CVE-2022-0210 affects the WordPress plugin “Random Banner.” The vulnerability is a Stored Cross-Site Scripting (XSS) due to insufficient escaping in the category parameter within ~/include/models/model.php. It can be exploited by an attacker with administrative access to inject arbitrary scripts....
PT-2022-13038 · WordPress · Random Banner
Name of the Vulnerable Software and Affected Versions: Random Banner WordPress plugin versions up to and including 4.1.4 Description: The issue is related to Stored Cross-Site Scripting due to insufficient escaping via the category parameter found in the /include/models/model.php file. This allow...
Random Banner < 4.1.6 - Admin+ Stored Cross-Site Scripting
The plugin is vulnerable to Stored Cross-Site Scripting due to insufficient escaping via the category parameter found in the /include/models/model.php file which allowed attackers with administrative user access to inject arbitrary web scripts, in versions up to and including 4.1.4. This affects...
WordPress Random Banner plugin <= 4.1.4 - Stored Cross-Site Scripting (XSS) vulnerability
Stored Cross-Site Scripting XSS vulnerability discovered by Big Tiger in WordPress Random Banner plugin versions = 4.1.4. Solution Update the WordPress Random Banner plugin to the latest available version at least 4.1.5...
CVE-2014-4847
CVE-2014-4847 concerns a cross-site scripting (XSS) flaw in the WordPress plugin “Random Banner” version 1.1.2.1. The vulnerability allows a remote attacker to inject arbitrary web script or HTML via the buffercode_RBanner_url_banner1 parameter in an update action to wp-admin/options.php. Affecte...
WordPress Random Banner Plugin <= 1.1.2.1 - XSS
Because of this vulnerability, the attackers can inject arbitrary web script or HTML via the "buffercodeRBannerurlbanner1" parameter in an update action to wp-admin/options.php. Solution Update the plugin...
WordPress Random Banner 1.1.2.1 Cross Site Scripting
Exploit Title : Wordpress random-banner.1.1.2.1 Cross Site Scripting Exploit Author : Ashiyane Digital Security Team Vendor Homepage : http://wordpress.org/plugins/random-banner/ Software Link : http://downloads.wordpress.org/plugin/random-banner.1.1.2.1.zip Date : 2014-06-28 Tested on : Windows ...
R&om Banner 1.1.2.1 - Cross-Site Scripting (XSS)
The Random Banner WordPress plugin was affected by a Cross-Site Scripting XSS security vulnerability...