6239 matches found
CVE-2024-2082
The EleForms – All In One Form Integration including DB for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several parameters in all versions up to, and including, 2.9.9.7 due to insufficient input sanitization and output escaping. This makes it possible for...
CVE-2024-4433
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Mr Digital Simple Image Popup allows Stored XSS.This issue affects Simple Image Popup: from n/a through 2.4.0...
WordPress Fancy Elementor Flipbox Plugin <= 2.5.1 is vulnerable to Cross Site Scripting (XSS)
Software Fancy Elementor Flipbox Type Plugin Vulnerable versions = 2.5.1 Fixed in 2.5.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-2349 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID dd388fab11b8 Credits Francesco Carluc...
WordPress Elementor Addon Elements plugin <= 1.13.3 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by stealthcopter in WordPress Plugin Elementor Addon Elements versions = 1.13.3...
Doctor Appointment Management System 1.0 Cross Site Scripting Vulnerability
Application Name: Doctor Appointment Management System Software Link: Download Link Vendor Homepage: Vendor Homepage BuG: XsS BUGAuthor: SoSPiro Version: 1.0 CVE: CVE-2024-4293 Vulnerable code section: - http://localhost/Doctor-Appointment-SystemPHP/dams/doctor/appointment-bwdates.php - Lines 57-...
jobinterviewquestions.com Cross Site Scripting vulnerability OBB-3923272
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
umarket.utah.edu Cross Site Scripting vulnerability OBB-3922757
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
turfkingmuskoka.com Cross Site Scripting vulnerability OBB-3921504
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
mobi.mzikii.com Cross Site Scripting vulnerability OBB-3921153
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
egyptmart.online Cross Site Scripting vulnerability OBB-3920847
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
betterprescottjobs.com Cross Site Scripting vulnerability OBB-3920731
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
sapulse.com Cross Site Scripting vulnerability OBB-3920492
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
market.yandex.ru.xx3.kz Cross Site Scripting vulnerability OBB-3919965
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
flow507.net Cross Site Scripting vulnerability OBB-3919595
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
wa.orienteering.asn.au Cross Site Scripting vulnerability OBB-3919305
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Totara LMS Cross-Site Scripting Vulnerability
Totara LMS is a learning management system from Totara. A cross-site scripting vulnerability exists in Totara LMS version 18.0.1 Build 20231128.01, which stems from the fact that admin/roles/check.php in the component Profile Handler contains some unknown functions that lead to cross-site scripti...
CVE-2024-32581 WordPress Mortgage Calculators WP plugin <= 1.56 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Lenderd Mortgage Calculators WP allows Stored XSS.This issue affects Mortgage Calculators WP: from n/a through 1.56...
revital.ru Cross Site Scripting vulnerability OBB-3918561
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
WordPress GiveWP Plugin <= 3.6.1 is vulnerable to Cross Site Scripting (XSS)
Software GiveWP Type Plugin Vulnerable versions = 3.6.1 Fixed in 3.7.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-1957 Patch priority Low CVSS severity Low 6.5 Developer Liquid Web / StellarWP PSID f3cbd83f12af Credits Ngô Thiên An ancorn Requir...
PT-2024-14972 · WordPress · Wpc Smart Quick View
Name of the Vulnerable Software and Affected Versions: WPC Smart Quick View for WooCommerce plugin for WordPress versions up to, and including, 4.0.2 Description: The issue is related to Stored Cross-Site Scripting via admin settings due to insufficient input sanitization and output escaping. Thi...