6239 matches found
CVE-2023-29848
Bang Resto 1.0 was discovered to contain a stored cross-site scripting XSS vulnerability via the itemName parameter in the admin/menu.php Add New Menu function...
Forms Ada <= 1.0 - Unauthenticated Reflected XSS
The plugin does not sanitize and escape some of it's parameters before reflecting them back in the page, leading to a Reflected Cross-Site Scripting which could be used against high-privilege users such as admin...
frontviews.de Cross Site Scripting vulnerability OBB-3272328
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
CVE-2023-25451 WordPress CPO Content Types Plugin <= 1.1.0 is vulnerable to Cross Site Scripting (XSS)
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in WPChill CPO Content Types plugin = 1.1.0 versions...
CVE-2023-23827 WordPress Google Maps v3 Shortcode Plugin <= 1.2.1 is vulnerable to Cross Site Scripting (XSS)
Auth. contributor+ Cross-Site Scripting XSS vulnerability in Google Maps v3 Shortcode plugin = 1.2.1 versions...
ferienwohnung-netz.de Cross Site Scripting vulnerability OBB-3269073
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
radsportverband-brandenburg.de Cross Site Scripting vulnerability OBB-3268280
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
rae-butzbach.de Cross Site Scripting vulnerability OBB-3268282
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
poolprotect.de Cross Site Scripting vulnerability OBB-3268190
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
hsu.och101.com Cross Site Scripting vulnerability OBB-3267907
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
thaiwonderful.com Cross Site Scripting vulnerability OBB-3267379
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
dice.fldfs.com Cross Site Scripting vulnerability OBB-3267051
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
WordPress WCP Contact Form Plugin <= 3.1.0 is vulnerable to Cross Site Scripting (XSS)
Software WCP Contact Form Type Plugin Vulnerable versions = 3.1.0 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-22703 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID b15b6e2cd5a5 Credits Le Ngoc Anh Requir...
script-pag.com Cross Site Scripting vulnerability OBB-3266594
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
CVE-2023-2120
The Thumbnail carousel slider plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the searchterm parameter in versions up to, and including, 1.1.9 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...
jobs.velindre-tr.wales.nhs.uk Cross Site Scripting vulnerability OBB-3265890
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
PT-2023-14524 · WordPress · Denis Buka Content Repeater – Custom Posts Simplified
Name of the Vulnerable Software and Affected Versions: Denis Buka Content Repeater – Custom Posts Simplified plugin versions prior to 1.1.14 Description: The issue is related to a Stored Cross-Site Scripting XSS vulnerability that requires authentication with admin+ privileges. This vulnerability...
gt-elektronik.de Cross Site Scripting vulnerability OBB-3264927
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
gs-orbit.de Cross Site Scripting vulnerability OBB-3264921
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
chrischristophersen.eu Cross Site Scripting vulnerability OBB-3263711
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...