EUVD-2023-32169

Malicious code in bioql PyPI...

CVE-2022-1303

The Slide Anything WordPress plugin before 2.3.44 does not sanitize and escape sliders' description, which could allow high privilege users such as editor and above to perform Cross-Site Scripting attacks even when the unfilteredhtml is disallowed...

CVE-2022-2413

The Slide Anything WordPress plugin before 2.3.47 does not properly sanitize or escape the slide title before outputting it in the admin pages, allowing a logged in user with roles as low as Author to inject a javascript payload into the slide title even when the unfilteredhtml capability is...

CVE-2022-2413

The Slide Anything WordPress plugin before 2.3.47 does not properly sanitize or escape the slide title before outputting it in the admin pages, allowing a logged in user with roles as low as Author to inject a javascript payload into the slide title even when the unfilteredhtml capability is...

CVE-2022-2413

The Slide Anything WordPress plugin before 2.3.47 does not properly sanitize or escape the slide title before outputting it in the admin pages, allowing a logged in user with roles as low as Author to inject a javascript payload into the slide title even when the unfilteredhtml capability is...

CVE-2022-2413

The CVE-2022-2413 issue affects the Slide Anything WordPress plugin prior to 2.3.47. Root cause: the slide title is not properly sanitized/escaped before output in admin pages, enabling a logged-in user with roles as low as Author to inject JavaScript payloads. Impact: cross-site scripting in adm...

CVE-2022-2413 Slide Anything < 2.3.47 - Author+ Cross Site Scripting in slide title

The Slide Anything WordPress plugin before 2.3.47 does not properly sanitize or escape the slide title before outputting it in the admin pages, allowing a logged in user with roles as low as Author to inject a javascript payload into the slide title even when the unfilteredhtml capability is...

WordPress plugin Slide Anything Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the...

CVE-2023-28499

Auth. author+ Stored Cross-Site Scripting XSS vulnerability in simonpedge Slide Anything – Responsive Content / HTML Slider and Carousel plugin = 2.4.9 versions...

Cross site scripting

Auth. author+ Stored Cross-Site Scripting XSS vulnerability in simonpedge Slide Anything – Responsive Content / HTML Slider and Carousel plugin = 2.4.9 versions...

CVE-2023-28499

CVE-2023-28499 affects the WordPress plugin Slide Anything – Responsive Content / HTML Slider and Carousel . Vulnerable versions:

WordPress Plugin Slide Anything Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

PT-2023-21762 · WordPress · Slide Anything

Name of the Vulnerable Software and Affected Versions: Slide Anything – Responsive Content / HTML Slider and Carousel plugin versions prior to 2.4.9 Description: The issue is related to a Stored Cross-Site Scripting XSS vulnerability. This type of vulnerability allows an attacker to inject...

WordPress Slide Anything Plugin < 2.3.44 XSS Vulnerability

The WordPress plugin SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:slideanythingproject:slideanything"; ifdescription...

WordPress Slide Anything Plugin <= 2.4.9 is vulnerable to Cross Site Scripting (XSS)

Software Slide Anything Type Plugin Vulnerable versions = 2.4.9 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-28499 Patch priority Medium CVSS severity Medium 5.9 Developer Claim ownership PSID 20dca4f988b8 Credits RE-ALTER Required...

Slide Anything < 2.3.47 - Author+ Cross Site Scripting in slide title

The plugin does not properly sanitize or escape the slide title before outputting it in the admin pages, allowing a logged in user with roles as low as Author to inject a javascript payload into the slide title even when the unfilteredhtml capability is disabled. An incomplete fix was introduced ...

CVE-2022-1303

The Slide Anything WordPress plugin before 2.3.44 does not sanitize and escape sliders' description, which could allow high privilege users such as editor and above to perform Cross-Site Scripting attacks even when the unfilteredhtml is disallowed...

CVE-2022-1303

The Slide Anything WordPress plugin before 2.3.44 does not sanitize and escape sliders' description, which could allow high privilege users such as editor and above to perform Cross-Site Scripting attacks even when the unfilteredhtml is disallowed...

Cross site scripting

The Slide Anything WordPress plugin before 2.3.44 does not sanitize and escape sliders' description, which could allow high privilege users such as editor and above to perform Cross-Site Scripting attacks even when the unfilteredhtml is disallowed...

WordPress plugin Slide Anything 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blog sites on servers running PHP and MySQL. A cross-site scripting vulnerability exists...