Lucene search
K

98 matches found

WPVulnDB
WPVulnDB
added 2024/04/01 12:0 a.m.16 views

StreamWeasels Twitch Integration < 1.7.6 - Authenticated (Contributor+) Stored Cross-Site Scripting

Description The StreamWeasels Twitch Integration plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 1.7.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access...

6.5CVSS5.8AI score0.00351EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2024/03/27 1:15 p.m.15 views

CVE-2024-29766

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in StreamWeasels StreamWeasels Twitch Integration allows Stored XSS.This issue affects StreamWeasels Twitch Integration: from n/a through 1.7.5...

6.5CVSS6.4AI score0.00351EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/03/27 1:6 p.m.10 views

CVE-2024-29766 WordPress StreamWeasels Twitch Integration plugin <= 1.7.5 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in StreamWeasels StreamWeasels Twitch Integration allows Stored XSS.This issue affects StreamWeasels Twitch Integration: from n/a through 1.7.5...

6.5CVSS6.5AI score0.00351EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/03/27 1:6 p.m.21 views

CVE-2024-29766 WordPress StreamWeasels Twitch Integration plugin <= 1.7.5 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in StreamWeasels StreamWeasels Twitch Integration allows Stored XSS.This issue affects StreamWeasels Twitch Integration: from n/a through 1.7.5...

6.5CVSS6.6AI score0.00351EPSS
Exploits0References1
CVE
CVE
added 2024/03/27 1:6 p.m.57 views

CVE-2024-29766

CVE-2024-29766 is a Cross-site Scripting vulnerability in StreamWeasels Twitch Integration for WordPress, affecting StreamWeasels Twitch Integration: from n/a through 1.7.5. The root cause is improper neutralization of input during web page generation, enabling stored XSS. Impact is described as ...

6.5CVSS8.6AI score0.00351EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/03/27 12:0 a.m.4 views

WordPress Plugin StreamWeasels Twitch Integration 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

6.5CVSS7AI score0.00351EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/03/27 12:0 a.m.5 views

PT-2024-23007 · Unknown · Streamweasels Twitch Integration

Name of the Vulnerable Software and Affected Versions: StreamWeasels Twitch Integration versions 1.7.5 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, allowing Stored XSS. This enables potential...

6.5CVSS9.2AI score0.00351EPSS
Exploits0References4
Patchstack
Patchstack
added 2024/03/25 12:0 a.m.8 views

WordPress StreamWeasels Twitch Integration Plugin <= 1.7.5 is vulnerable to Cross Site Scripting (XSS)

Software StreamWeasels Twitch Integration Type Plugin Vulnerable versions = 1.7.5 Fixed in 1.7.6 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-29766 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 3f0d9c8910bb Credits LVT-tholv2k Required...

6.5CVSS6.9AI score0.00351EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/07/18 12:0 a.m.4 views

WordPress StreamWeasels Twitch Integration Plugin <= 1.6.7 is vulnerable to Cross Site Scripting (XSS)

Software StreamWeasels Twitch Integration Type Plugin Vulnerable versions = 1.6.7 Fixed in 1.6.8 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 71e06e3c812c Credits Rafie Muhammad...

6.2AI score0.00284EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2023/07/18 12:0 a.m.6 views

WordPress StreamWeasels YouTube Integration Plugin < 1.1.4 is vulnerable to Cross Site Scripting (XSS)

Software StreamWeasels YouTube Integration Type Plugin Vulnerable versions 1.1.4 Fixed in 1.1.4 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 4670ce2ab82b Credits Rafie Muhammad...

6.3AI score0.00284EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2023/04/07 1:15 p.m.3 views

CVE-2023-25464

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in StreamWeasels Twitch Player plugin = 2.1.0 versions...

4.8CVSS6.6AI score
Exploits0References1
NVD
NVD
added 2023/04/07 1:15 p.m.22 views

CVE-2023-25464

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in StreamWeasels Twitch Player plugin = 2.1.0 versions...

5.9CVSS5.4AI score0.00369EPSS
Exploits0References1
Prion
Prion
added 2023/04/07 1:15 p.m.21 views

Cross site scripting

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in StreamWeasels Twitch Player plugin = 2.1.0 versions...

4.3CVSS4.9AI score0.00369EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/04/07 12:3 p.m.26 views

CVE-2023-25464 WordPress Twitch Player Plugin <= 2.1.0 is vulnerable to Cross Site Scripting (XSS)

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in StreamWeasels Twitch Player plugin = 2.1.0 versions...

5.9CVSS5.5AI score0.00369EPSS
Exploits0References1
CVE
CVE
added 2023/04/07 12:3 p.m.59 views

CVE-2023-25464

CVE-2023-25464 affects the WordPress Twitch Player plugin (StreamWeasels)

5.9CVSS4.9AI score0.00369EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2023/04/07 12:0 a.m.7 views

PT-2023-20082 · Unknown · Streamweasels Twitch Player

Name of the Vulnerable Software and Affected Versions: StreamWeasels Twitch Player plugin versions = 2.1.0 Description: The issue is related to a Stored Cross-Site Scripting XSS vulnerability that requires authentication with admin+ privileges. Recommendations: For versions = 2.1.0, at the moment...

5.9CVSS5.5AI score0.00369EPSS
Exploits0References4
Patchstack
Patchstack
added 2022/02/28 12:0 a.m.11 views

WordPress StreamWeasels Twitch Integration plugin <= 1.3.3 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress StreamWeasels Twitch Integration plugin versions = 1.3.3. Solution Update the WordPress StreamWeasels Twitch Integration plugin to the latest available version at least 1.3.4...

4AI score
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2022/02/28 12:0 a.m.10 views

WordPress StreamWeasels Twitch Integration plugin <= 1.3.3 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress StreamWeasels Twitch Integration plugin versions = 1.3.3. Solution Update the WordPress StreamWeasels Twitch Integration plugin to the latest available version at least 1.3.4...

2.7AI score
Exploits0References2Affected Software1
Rows per page
Query Builder