8 matches found
EUVD-2017-9651
Malware in sbrugna...
WordPress smokesignal plugin cross-site scripting vulnerability
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. smokesignal is a plugin used to communicate with registered users of the site. A cross-site scripting vulnerability exists in the...
CVE-2017-18535
The smokesignal plugin before 1.2.7 for WordPress has XSS...
CVE-2017-18535
The smokesignal plugin before 1.2.7 for WordPress has XSS...
Cross site scripting
The smokesignal plugin before 1.2.7 for WordPress has XSS...
CVE-2017-18535
CVE-2017-18535 affects the WordPress Smokesignal plugin prior to version 1.2.7 and is a cross-site scripting (XSS) vulnerability. The CVE entries in multiple feeds confirm the plugin and version range, with XSS resulting in client-side code execution (integrity impact, partial). Exploitation deta...
CVE-2017-18535
The smokesignal plugin before 1.2.7 for WordPress has XSS...
WordPress SmokeSignal plugin <=1.2.6 - Authenticated Stored XSS (Cross-Site Scripting) vulnerability
Authenticated Stored XSS Cross-Site Scripting vulnerability found in WordPress SmokeSignal plugin =1.2.6 by Paul Dannewitz. The plugin allows users to communicate by messages. However, messages not sanitized before they are displayed. It allows an attacker to inject malicious script. Users with l...