
377 matches found

Patchstack
added 2022/02/28 12:0 a.m. | 16 views

WordPress Blog Sidebar Widget plugin <= 1.0.5 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability discovered in WordPress Blog Sidebar Widget plugin versions <= 1.0.5. Solution: No patched version available...

3.9 AI score
Exploits 0 | References 2 | Affected Software 1

Patchstack
added 2022/02/28 12:0 a.m. | 10 views

WordPress Blog Sidebar Widget plugin <= 1.0.5 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress Blog Sidebar Widget plugin versions <= 1.0.5. Solution: No patched version available...

2.3 AI score
Exploits 0 | References 2 | Affected Software 1

OSV
added 2021/12/24 2:15 a.m. | 16 views

CVE-2021-45473

In MediaWiki through 1.37, Wikibase item descriptions allow XSS, which is triggered upon a visit to an action=info URL aka a page-information sidebar...

6.1 CVSS | 6.7 AI score
Exploits 0 | References 3

UbuntuCve
added 2021/12/24 2:15 a.m. | 23 views

CVE-2021-45473

In MediaWiki through 1.37, Wikibase item descriptions allow XSS, which is triggered upon a visit to an action=info URL aka a page-information sidebar...

6.1 CVSS | 6.4 AI score | 0.01248 EPSS
Exploits 1 | References 3

NVD
added 2021/08/16 7:15 p.m. | 12 views

CVE-2021-34666

The Add Sidebar WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the add parameter in the /wpsidebarMenu.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 2.0.0...

6.1 CVSS | 0.00844 EPSS
Exploits 1 | References 2

Vulnrichment
added 2021/08/16 6:22 p.m. | 5 views

CVE-2021-34666 Add Sidebar <= 2.0.0 Reflected Cross-Site Scripting

The Add Sidebar WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the add parameter in the /wpsidebarMenu.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 2.0.0...

6.1 CVSS | 6.1 AI score | 0.00844 EPSS
Exploits 1 | References 2

CVE
added 2021/08/16 6:22 p.m. | 56 views

CVE-2021-34666

The CVE-2021-34666 entry concerns the WordPress Add Sidebar plugin, affected in versions up to and including 2.0.0. The vulnerability is a Reflected Cross-Site Scripting (XSS) flaw triggered via the add parameter in the ~/wp_sidebarMenu.php script, enabling an attacker to inject arbitrary scripts...

6.1 CVSS | 6.1 AI score | 0.00844 EPSS
Exploits 1 | References 2 | Affected Software 1

CNNVD
added 2021/08/16 12:0 a.m. | 3 views

WordPress plugin cross-site scripting vulnerability

WordPress is a blogging platform from the WordPress Foundation, developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress Plugin is an open source application plugin for WordPress. WordPress Add Sidebar plugin has a security...

6.1 CVSS | 6.1 AI score | 0.00844 EPSS
Exploits 1 | References 3

WPVulnDB
added 2021/08/13 12:0 a.m. | 26 views

Add Sidebar <= 2.0.0 - Reflected Cross-Site Scripting

The plugin is vulnerable to Reflected Cross-Site Scripting via the add parameter in the /wpsidebarMenu.php file which allows attackers to inject arbitrary web scripts...

6.1 CVSS | 4.8 AI score | 0.00844 EPSS
Exploits 1 | References 1 | Affected Software 1

Patchstack
added 2021/08/13 12:0 a.m. | 15 views

WordPress Add Sidebar plugin <= 2.0.0 - Reflected Cross-Site Scripting (XSS) vulnerability

Reflected Cross-Site Scripting (XSS) vulnerability discovered by p7e4 in WordPress Add Sidebar plugin versions <= 2.0.0. Solution: This plugin has been closed as of August 12, 2021 and is not available for download. This closure is temporary, pending a full review...

6.1 CVSS | 2.9 AI score | 0.00844 EPSS
Exploits 1 | References 3 | Affected Software 1

Tenable Nessus
added 2021/06/01 12:0 a.m. | 44 views

openSUSE Security Update : opera (openSUSE-2021-712)

This update for opera fixes the following issues : Update to version 76.0.4017.94 - released on the stable branch Update to version 76.0.4017.88 - CHR-8404 Update chromium on desktop-stable-90-4017 to 90.0.4430.85 - DNA-92219 Add bookmark API supports to the front-end - DNA-92409 MAC Present now...

9.6 CVSS | 8 AI score | 0.70435 EPSS
Exploits 7 | References 8

0day.today
added 2021/05/31 12:0 a.m. | 78 views

IPS Community Suite 4.5.4.2 PHP Code Injection Vulnerability

IPS Community Suite versions 4.5.4.2 and below suffer from a PHP code injection vulnerability. The vulnerability exists because the IPS\cms\modules\front\pages\builder::previewBlock method allows to pass arbitrary content to the IPS\Theme::runProcessFunction method, which will be used in a call t...

8.8 CVSS | 0.2 AI score | 0.19908 EPSS
Exploits 3

vulnersOsv
added 2021/05/17 9:0 p.m. | 4 views

@qbunnyteam/superlogin (>=0.0.3 <=0.0.4), @sensu/superlogin (>=1.2.2 <=1.2.6) +16 more potentially affected by CVE-2020-7673 via node-extend (=0.2.0)

node-extend NPM version =0.2.0 is affected by a known vulnerability. The following packages have a transitive dependency on node-extend and may be impacted: - @qbunnyteam/superlogin =0.0.3, =1.2.2, =0.1.0, =0.1.0, =0.0.0, =0.2.0, =4.1.4, =1.1.0, =1.4.1 and more Source cves: CVE-2020-7673 Source...

9.8 CVSS | 7.2 AI score | 0.02512 EPSS
Exploits 1

OSV
added 2021/03/01 7:44 p.m. | 18 views

GHSA-2MM9-C2FX-C7M4 Docsify XSS Vulnerability

This affects the package docsify before 4.12.0. It is possible to bypass the remediation done by CVE-2020-7680 and execute malicious JavaScript through the following methods 1 When parsing HTML from remote URLs, the HTML code on the main page is sanitized, but this sanitization is not taking plac...

6.1 CVSS | 6.5 AI score | 0.01657 EPSS
Exploits 2 | References 7

Github Security Blog
added 2021/03/01 7:44 p.m. | 50 views

Docsify XSS Vulnerability

This affects the package docsify before 4.12.0. It is possible to bypass the remediation done by CVE-2020-7680 and execute malicious JavaScript through the following methods 1 When parsing HTML from remote URLs, the HTML code on the main page is sanitized, but this sanitization is not taking plac...

8.6 CVSS | 6.4 AI score | 0.01657 EPSS
Exploits 2 | References 8 | Affected Software 1

Prion
added 2021/02/19 5:15 p.m. | 15 views

Authentication flaw

This affects the package docsify before 4.12.0. It is possible to bypass the remediation done by CVE-2020-7680 and execute malicious JavaScript through the following methods 1 When parsing HTML from remote URLs, the HTML code on the main page is sanitized, but this sanitization is not taking plac...

4.3 CVSS | 6.3 AI score | 0.045 EPSS
Exploits 6 | References 5 | Affected Software 1

ATTACKERKB
added 2021/02/19 4:30 p.m. | 1 views

CVE-2021-23342

This affects the package docsify before 4.12.0. It is possible to bypass the remediation done by CVE-2020-7680 and execute malicious JavaScript through the following methods 1 When parsing HTML from remote URLs, the HTML code on the main page is sanitized, but this sanitization is not taking plac...

8.6 CVSS | 5.7 AI score | 0.045 EPSS
Exploits 6 | References 6

Snyk
added 2021/02/18 5:37 p.m. | 3 views

Cross-site Scripting (XSS)

Overview docsify is a magical documentation site generator. Affected versions of this package are vulnerable to Cross-site Scripting XSS. It is possible to bypass the remediation done by CVE-2020-7680 and execute malicious JavaScript through the following methods 1 When parsing HTML from remote...

8.6 CVSS | 5.7 AI score | 0.045 EPSS
Exploits 6 | References 2

Tenable Nessus
added 2021/02/16 12:0 a.m. | 34 views

openSUSE Security Update : opera (openSUSE-2021-296)

This update for opera fixes the following issues : - Update to version 74.0.3911.107 - CHR-8311 Update chromium on desktop-stable-88-3911 to 88.0.4324.150 - DNA-90329 Implement clientcapabilities negotiation for Flow / Sync - DNA-90560 Search Tabs Open Tabs On Top - DNA-90620 Add opauto tests for...

8.8 CVSS | 8.4 AI score | 0.19815 EPSS
Exploits 0 | References 2

OSV
added 2021/02/15 1:4 p.m. | 9 views

OPENSUSE-SU-2021:0296-1 Security update for opera

This update for opera fixes the following issues: - Update to version 74.0.3911.107 - CHR-8311 Update chromium on desktop-stable-88-3911 to 88.0.4324.150 - DNA-90329 Implement clientcapabilities negotiation for Flow / Sync - DNA-90560 Search Tabs Open Tabs On Top - DNA-90620 Add opauto tests for...

8.8 CVSS | 9.4 AI score | 0.19815 EPSS
Exploits 0 | References 3