41 matches found
CVE-2022-0446
The Simple Banner WordPress plugin before 2.12.0 does not properly sanitize its "Simple Banner Text" Settings allowing high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...
CVE-2025-12033
The Simple Banner – Easily add multiple Banners/Bars/Notifications/Announcements to the top or bottom of your website plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'proversionactivationcode' parameter in all versions up to, and including, 3.0.10 due to insufficient inp...
CVE-2025-12033
The Simple Banner – Easily add multiple Banners/Bars/Notifications/Announcements to the top or bottom of your website plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'proversionactivationcode' parameter in all versions up to, and including, 3.0.10 due to insufficient inp...
EUVD-2025-35324
The Simple Banner – Easily add multiple Banners/Bars/Notifications/Announcements to the top or bottom of your website plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'proversionactivationcode' parameter in all versions up to, and including, 3.0.10 due to insufficient inp...
CVE-2025-12033
CVE-2025-12033 is a genuine WordPress plugin vulnerability affecting the plugin Simple Banner (
CVE-2025-12033 Simple Banner <= 3.0.10 - Authenticated (Admin+) Stored Cross-Site Scripting
The Simple Banner – Easily add multiple Banners/Bars/Notifications/Announcements to the top or bottom of your website plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'proversionactivationcode' parameter in all versions up to, and including, 3.0.10 due to insufficient inp...
WordPress plugin Simple Banner 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...
WordPress Simple Banner plugin <= 3.0.10 - Authenticated (Admin+) Stored Cross-Site Scripting vulnerability
Authenticated Admin+ Stored Cross-Site Scripting vulnerability discovered by Cody Sixteen in WordPress Plugin Simple Banner versions = 3.0.10...
EUVD-2022-34772
Malicious code in bioql PyPI...
CVE-2022-2515
The Simple Banner plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the proversionactivationcode parameter in versions up to, and including, 2.11.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, including those...
CVE-2024-13898
The Simple Banner – Easily add multiple Banners/Bars/Notifications/Announcements to the top or bottom of your website plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 3.0.5 due to insufficient input sanitization and output...
CVE-2024-13898 Simple Banner <= 3.0.4 - Authenticated (Administrator+) Stored Cross-Site Scripting
The Simple Banner – Easily add multiple Banners/Bars/Notifications/Announcements to the top or bottom of your website plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 3.0.5 due to insufficient input sanitization and output...
WordPress plugin Simple Banner 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
CVE-2024-12769
The Simple Banner WordPress plugin before 3.0.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
WordPress Simple Banner plugin < 3.0.4 - Admin+ Stored XSS vulnerability
Admin+ Stored XSS vulnerability discovered by Dmitrii Ignatyev in WordPress Plugin Simple Banner versions 3.0.4...
CVE-2024-12769
The Simple Banner WordPress plugin before 3.0.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
CVE-2024-12769 Simple Banner < 3.0.4 - Admin+ Stored XSS
The Simple Banner WordPress plugin before 3.0.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
CVE-2024-12769 Simple Banner < 3.0.4 - Admin+ Stored XSS
The Simple Banner WordPress plugin before 3.0.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
WordPress plugin Simple Banner 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in the...
CVE-2022-2515
The Simple Banner plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the proversionactivationcode parameter in versions up to, and including, 2.11.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, including those...