WordPress Plugin Page scroll to id security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

CVE-2024-1445

CVE-2024-1445 refers to the WordPress page-scroll-to-id plugin. The vulnerability is a Stored Cross-Site Scripting (XSS) in the plugin’s shortcode attributes, affecting versions up to and including 1.7.8, caused by insufficient input sanitization and output escaping. Exploitation requires authent...

PT-2024-18051 · WordPress · Page Scroll To Id

Name of the Vulnerable Software and Affected Versions: Page scroll to id plugin for WordPress versions up to, and including, 1.7.8 Description: The issue is related to Stored Cross-Site Scripting due to insufficient input sanitization and output escaping on user-supplied attributes in the plugin'...

CVE-2022-4449

The Page scroll to id WordPress plugin before 1.7.6 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high...

CVE-2022-4449

CVE-2022-4449 affects the WordPress Page Scroll To ID plugin prior to 1.7.6. The issue stems from not validating/escaping certain shortcode attributes, enabling a stored XSS attack where an attacker with as little as contributor privileges could target higher-privilege users (e.g., admins). Publi...

CVE-2022-4449 Page Scroll To ID < 1.7.6 - Contributor+ Stored XSS

The Page scroll to id WordPress plugin before 1.7.6 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high...

PT-2023-14493 · WordPress · Page Scroll To Id

Name of the Vulnerable Software and Affected Versions: Page scroll to id WordPress plugin versions prior to 1.7.6 Description: The issue allows users with a role as low as contributor to perform Stored Cross-Site Scripting attacks, which could be used against high privilege users such as admins...

Page Scroll To ID < 1.7.6 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. PoC Put the...

Page Scroll To ID < 1.7.6 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. Put the...