WordPress Responsive Header Plugin plugin <= 1.0 - Authenticated (Administrator+) Stored Cross-Site Scripting via Settings Parameters vulnerability

Authenticated Administrator+ Stored Cross-Site Scripting via Settings Parameters vulnerability discovered by 0x34rth in WordPress Plugin Responsive Header versions = 1.0...

CVE-2026-1300

The Responsive Header plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple plugin settings parameters in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

CVE-2026-1300

The Responsive Header plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple plugin settings parameters in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

CVE-2026-1300

The Responsive Header plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple plugin settings parameters in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

CVE-2026-1300

CVE-2026-1300 refers to the WordPress plugin Responsive Header (versions

CVE-2026-1300 Responsive Header Plugin <= 1.0 - Authenticated (Administrator+) Stored Cross-Site Scripting via Settings Parameters

The Responsive Header plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple plugin settings parameters in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

PT-2026-4606

The Responsive Header plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple plugin settings parameters in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

WordPress plugin Responsive Header has a cross-site scripting vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

CVE-2023-5334

The CVE-2023-5334 in WP Responsive header image slider (WordPress) is a Stored XSS in the sp_responsiveslider shortcode affecting versions up to 3.2.1. Authenticated attackers with contributor+ can inject scripts that execute on page load. Multiple sources confirm the vulnerability; patch status ...

CVE-2023-5334 WP Responsive header image slider <= 3.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

The WP Responsive header image slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'spresponsiveslider' shortcode in versions up to, and including, 3.2.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

WordPress Plugin Responsive header image slider cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...

WordPress WP Responsive header image slide Plugin <= 3.2.1 is vulnerable to Cross Site Scripting (XSS)

Software WP Responsive header image slide Type Plugin Vulnerable versions = 3.2.1 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-5334 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 015e84c4cbe9 Credits Lana Code...