CVE-2021-4363

The WP Quick FrontEnd Editor plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in versions up to, and including, 5.5 due to insufficient input sanitization and output escaping on the 'savecontentfront' function that uses printr on the user-supplied $REQUEST values . This makes ...

CVE-2024-1285

The Page Builder Sandwich – Front End WordPress Page Builder Plugin plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'gambitbuildersavecontent' function in all versions up to, and including, 5.1.0. This makes it possible for...

WordPress Plugin Page Builder Sandwich Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...

PT-2024-17766 · WordPress · Page Builder Sandwich

Name of the Vulnerable Software and Affected Versions: The Page Builder Sandwich – Front End WordPress Page Builder Plugin versions prior to 5.1.1 Description: The issue allows authenticated attackers with subscriber access and above to insert arbitrary content into existing posts due to a missin...

Stored Cross Site Scripting in beetl-bbs

A Stored Cross Site Scripting XSS vulnerability in beetl-bbs 2.0 allows attackers to run arbitrary code via the post/save content parameter...

CVE-2024-22491

A Stored Cross Site Scripting XSS vulnerability in beetl-bbs 2.0 allows attackers to run arbitrary code via the post/save content parameter...

CVE-2023-5287

UNSUPPORTED WHEN ASSIGNED A vulnerability, which was classified as problematic, was found in BEECMS 4.0. This affects an unknown part of the file /admin/admincontenttag.php?action=savecontent. The manipulation of the argument tag leads to cross site scripting. It is possible to initiate the attac...

CVE-2021-4363

The WP Quick FrontEnd Editor plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in versions up to, and including, 5.5 due to insufficient input sanitization and output escaping on the 'savecontentfront' function that uses printr on the user-supplied $REQUEST values . This makes ...

PT-2023-12474 · WordPress · Wp Quick Frontend Editor

Name of the Vulnerable Software and Affected Versions: WP Quick FrontEnd Editor plugin for WordPress versions up to, and including, 5.5 Description: The issue arises from insufficient input sanitization and output escaping on the save content front function, which uses print r on user-supplied $...