2096 matches found
Acceptance of Extraneous Untrusted Data With Trusted Data
Overview johnpbloch/wordpress-core is a web software you can use to create a website or blog. Affected versions of this package are vulnerable to Acceptance of Extraneous Untrusted Data With Trusted Data through the processing of shortcodes in user-generated content. An attacker can manipulate...
CVE-2023-23703
Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Tyche Softwares Arconix Shortcodes plugin = 2.1.7 versions...
CVE-2023-23703
Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Tyche Softwares Arconix Shortcodes plugin = 2.1.7 versions...
CVE-2023-23703 WordPress Arconix Shortcodes Plugin <= 2.1.7 is vulnerable to Cross Site Scripting (XSS)
Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Tyche Softwares Arconix Shortcodes plugin = 2.1.7 versions...
CVE-2023-23703 WordPress Arconix Shortcodes Plugin <= 2.1.7 is vulnerable to Cross Site Scripting (XSS)
Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Tyche Softwares Arconix Shortcodes plugin = 2.1.7 versions...
CVE-2023-23703
CVE-2023-23703 corresponds to a Stored XSS in the WordPress plugin Arconix Shortcodes (vulnerable: 2.1.7 is the recommended remediation. Additional sources classify the issue as low severity with a low likelihood of exploitation, but it remains a real vulnerability for sites still running
WordPress plugin Arconix Shortcodes 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...
PT-2023-19142 · Unknown · Arconix Shortcodes
Name of the Vulnerable Software and Affected Versions: Arconix Shortcodes plugin versions = 2.1.7 Description: The issue is related to a Stored Cross-Site Scripting XSS vulnerability. It affects users with contributor or higher authentication levels. There is no information provided about the...
Download Manager < 3.2.71 - Contributor+ Stored Cross-Site Scripting
The plugin does not properly sanitize and escape user-supplied attributes in 'wpdmmembers', 'wpdmloginform', and 'wpdmregform' shortcodes, leading to Stored Cross-Site Scripting vulnerabilities...
CVE-2023-25798
Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Olevmedia Olevmedia Shortcodes plugin = 1.1.9 versions...
CVE-2023-25798
Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Olevmedia Olevmedia Shortcodes plugin = 1.1.9 versions...
Cross site scripting
Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Olevmedia Olevmedia Shortcodes plugin = 1.1.9 versions...
CVE-2023-25798 WordPress Olevmedia Shortcodes Plugin <= 1.1.9 is vulnerable to Cross Site Scripting (XSS)
Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Olevmedia Olevmedia Shortcodes plugin = 1.1.9 versions...
CVE-2023-25798 WordPress Olevmedia Shortcodes Plugin <= 1.1.9 is vulnerable to Cross Site Scripting (XSS)
Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Olevmedia Olevmedia Shortcodes plugin = 1.1.9 versions...
CVE-2023-25798
CVE-2023-25798 is a Stored Cross-Site Scripting (XSS) vulnerability in the WordPress plugin Olevmedia Shortcodes (versions 1.1.9) to mitigate risk. Monitor for official patch details as they become publicly available.
WordPress plugin Olevmedia Shortcodes 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerability...
PT-2023-20313 · WordPress · Olevmedia Shortcodes
Name of the Vulnerable Software and Affected Versions: Olevmedia Shortcodes plugin versions 1.1.9 and earlier Description: The issue is related to a Stored Cross-Site Scripting XSS vulnerability. This vulnerability can be exploited by contributors or those with higher authentication levels. There...
PT-2023-16594 · WordPress · Stagtools
Name of the Vulnerable Software and Affected Versions: StagTools WordPress plugin versions prior to 2.3.7 Description: The issue concerns the StagTools WordPress plugin, which does not properly validate and escape certain shortcode attributes before outputting them in a page or post. This could...
WordPress Arconix Shortcodes Plugin <= 2.1.7 is vulnerable to Cross Site Scripting (XSS)
Software Arconix Shortcodes Type Plugin Vulnerable versions = 2.1.7 Fixed in 2.1.8 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-23703 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID a66cbc072f58 Credits István Márton Requir...
WordPress plugin Video Central 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...