CVE-2024-8866

A vulnerability was found in AutoCMS 5.4. It has been classified as problematic. This affects an unknown part of the file /admin/robot.php. The manipulation of the argument sidebar leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the...

CVE-2024-9885

The Widget or Sidebar Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'sidebar' shortcode in all versions up to, and including, 0.6.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

CVE-2023-36818

Discourse is an open source discussion platform. In affected versions a request to create or update custom sidebar section can cause a denial of service. This issue has been patched in commit 52b003d915. Users are advised to upgrade. There are no known workarounds for this vulnerability...

CVE-2023-32985

Jenkins Sidebar Link Plugin 2.2.1 and earlier does not restrict the path of files in a method implementing form validation, allowing attackers with Overall/Read permission to check for the existence of an attacker-specified file path on the Jenkins controller file system...

CVE-2022-4785

The Video Sidebar Widgets WordPress plugin through 6.1 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

CVE-2022-4460

The Sidebar Widgets by CodeLights WordPress plugin through 1.4 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as a contributor to perform Stored Cross-Site Scripting attacks, which could be used...

CVE-2020-25033

The Blubrry subscribe-sidebar aka Subscribe Sidebar plugin 1.3.1 for WordPress allows subscribesidebar.php= reflected XSS...

CVE-2025-47647

Cross-Site Request Forgery CSRF vulnerability in OTWthemes Sidebar Manager Light sidebar-manager-light allows Cross Site Request Forgery.This issue affects Sidebar Manager Light: from n/a through = 1.18...

CVE-2025-47647

Cross-Site Request Forgery CSRF vulnerability in OTWthemes Sidebar Manager Light sidebar-manager-light allows Cross Site Request Forgery.This issue affects Sidebar Manager Light: from n/a through = 1.18...

CVE-2025-47647

CVE-2025-47647 : CSRF in OTWthemes Sidebar Manager Light affects versions

CVE-2025-47647 WordPress Sidebar Manager Light plugin <= 1.18 - Cross Site Request Forgery (CSRF) Vulnerability

Cross-Site Request Forgery CSRF vulnerability in OTWthemes Sidebar Manager Light sidebar-manager-light allows Cross Site Request Forgery.This issue affects Sidebar Manager Light: from n/a through = 1.18...

CVE-2025-47647 WordPress Sidebar Manager Light <= 1.18 - Cross Site Request Forgery (CSRF) Vulnerability

Cross-Site Request Forgery CSRF vulnerability in OTWthemes Sidebar Manager Light allows Cross Site Request Forgery. This issue affects Sidebar Manager Light: from n/a through 1.18...

PT-2025-20204 · Unknown · Otwthemes Sidebar Manager Light

Name of the Vulnerable Software and Affected Versions: OTWthemes Sidebar Manager Light versions 1.18 and earlier Description: A Cross-Site Request Forgery CSRF issue affects the software, allowing unauthorized actions to be performed on behalf of a user. Recommendations: For versions 1.18 and...

WordPress plugin Sidebar Manager Light 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forgery...

CVE-2025-32112

Cross-Site Request Forgery CSRF vulnerability in OTWthemes Sidebar Manager Light sidebar-manager-light allows Cross Site Request Forgery.This issue affects Sidebar Manager Light: from n/a through = 1.18...

CVE-2025-32112

Cross-Site Request Forgery CSRF vulnerability in OTWthemes Sidebar Manager Light sidebar-manager-light allows Cross Site Request Forgery.This issue affects Sidebar Manager Light: from n/a through = 1.18...

CVE-2025-32112 WordPress Sidebar Manager Light plugin <= 1.1.8 - CSRF to Stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in OTWthemes Sidebar Manager Light allows Cross Site Request Forgery. This issue affects Sidebar Manager Light: from n/a through 1.1.8...

CVE-2025-32112 WordPress Sidebar Manager Light plugin <= 1.18 - CSRF to Stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in OTWthemes Sidebar Manager Light sidebar-manager-light allows Cross Site Request Forgery.This issue affects Sidebar Manager Light: from n/a through = 1.18...

WordPress Sidebar Manager Light plugin <= 1.18 - CSRF to Stored XSS vulnerability

CSRF to Stored XSS vulnerability discovered by SOPROBRO in WordPress Plugin Sidebar Manager Light versions = 1.18...

WordPress plugin Sidebar Manager Light 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...