8 matches found
CVE-2024-11758
The WP SPID Italia plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode in all versions up to, and including, 2.9 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, wit...
CVE-2024-11758
The WP SPID Italia plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode in all versions up to, and including, 2.9 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, wit...
CVE-2024-11758
The CVE-2024-11758 entry affects the WP SPID Italia WordPress plugin. Impact: Stored Cross-Site Scripting via the plugin shortcode allows an authenticated attacker (contributor level or higher) to inject web scripts that execute when visitors access the affected page. Technical details: all versi...
CVE-2024-11758 WP SPID Italia <= 2.9 - Authenticated (Contributor+) Stored Cross-Site Scripting
The WP SPID Italia plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode in all versions up to, and including, 2.9 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, wit...
WordPress WP SPID Italia plugin <= 2.9 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by SOPROBRO in WordPress Plugin WP SPID Italia versions = 2.9...
WordPress WP SPID Italia Plugin <= 2.4.3 is vulnerable to Cross Site Scripting (XSS)
Software WP SPID Italia Type Plugin Vulnerable versions = 2.4.3 Fixed in 2.5 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID d8c2a46f0b6d Credits Rafie Muhammad Patchstack Required...
WordPress WP SPID Italia plugin <= 2.3.4 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability
Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress WP SPID Italia plugin versions = 2.3.4. Solution Update the WordPress WP SPID Italia plugin to the latest available version at least 2.3.5...
WordPress WP SPID Italia plugin <= 2.3.4 - Sensitive Information Disclosure vulnerability
Sensitive Information Disclosure vulnerability discovered in WordPress WP SPID Italia plugin versions = 2.3.4. Solution Update the WordPress WP SPID Italia plugin to the latest available version at least 2.3.5...