76 matches found
CVE-2025-0512
The Structured Content JSON-LD wpsc plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's scfslocalbusiness shortcode in all versions up to, and including, 6.4.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...
WordPress plugin Structured Content 跨站脚本漏洞
WordPress and the WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabili...
CVE-2024-43307
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Gordon Böhme, Antonio Leutsch Structured Content allows Stored XSS.This issue affects Structured Content: from n/a through 1.6.2...
CVE-2024-43307
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Gordon Böhme, Antonio Leutsch Structured Content allows Stored XSS.This issue affects Structured Content: from n/a through 1.6.2...
CVE-2024-43307
CVE-2024-43307 affects the WordPress Structured Content plugin (Structured Content #wpsc) up to version 1.6.2. Root cause: improper input neutralization during web page generation, enabling stored XSS. Impact per the citation: cross-site scripting affecting confidentiality, integrity, and availab...
CVE-2024-43307 WordPress Structured Content (JSON-LD) #wpsc plugin <= 1.6.2 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Gordon Böhme, Antonio Leutsch Structured Content allows Stored XSS.This issue affects Structured Content: from n/a through 1.6.2...
WordPress plugin Structured Content 跨站脚本漏洞
WordPress and the WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exist...
WordPress Structured Content (JSON-LD) #wpsc plugin <= 1.6.2 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Michael Patchstack Alliance in WordPress Plugin Structured Content versions = 1.6.2...
WordPress Structured Content Plugin <= 1.6.2 is vulnerable to Cross Site Scripting (XSS)
Software Structured Content Type Plugin Vulnerable versions = 1.6.2 Fixed in 1.6.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-43307 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID df5a04e07bd7 Credits Michael Required privilege...
CVE-2024-24839
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Gordon Böhme, Antonio Leutsch Structured Content JSON-LD wpsc allows Stored XSS.This issue affects Structured Content JSON-LD wpsc: from n/a through 1.6.1...
Cross site scripting
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Gordon Böhme, Antonio Leutsch Structured Content JSON-LD wpsc allows Stored XSS.This issue affects Structured Content JSON-LD wpsc: from n/a through 1.6.1...
CVE-2024-24839 WordPress Structured Content Plugin <= 1.6.1 is vulnerable to Cross Site Scripting (XSS)
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Gordon Böhme, Antonio Leutsch Structured Content JSON-LD wpsc allows Stored XSS.This issue affects Structured Content JSON-LD wpsc: from n/a through 1.6.1...
CVE-2024-24839
CVE-2024-24839 affects the WordPress plugin "Structured Content (JSON-LD)" (formerly known as Structured Content, wpsc). The issue is an authenticated Stored XSS (Contributor+ and above) via the plugin’s Classic Editor Shortcode, due to improper input sanitization/output escaping for JSON-LD cont...
CVE-2024-24839 WordPress Structured Content Plugin <= 1.6.1 is vulnerable to Cross Site Scripting (XSS)
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Gordon Böhme, Antonio Leutsch Structured Content JSON-LD wpsc allows Stored XSS.This issue affects Structured Content JSON-LD wpsc: from n/a through 1.6.1...
Structured Content < 1.6.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Classic Editor Shortcode
Description The Structured Content plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Classic Editor shortcodes in all versions up to, and including, 1.6.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attacker...
WordPress plugin Structured Content Cross-Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the...
WordPress Structured Content Plugin <= 1.6.1 is vulnerable to Cross Site Scripting (XSS)
Software Structured Content Type Plugin Vulnerable versions = 1.6.1 Fixed in 1.6.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-24839 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 74b9c66453a9 Credits LVT-tholv2k Required privilege...
CVE-2023-49819
Deserialization of Untrusted Data vulnerability in Gordon Böhme, Antonio Leutsch Structured Content JSON-LD wpsc.This issue affects Structured Content JSON-LD wpsc: from n/a through 1.5.3...
Deserialization of untrusted data
Deserialization of Untrusted Data vulnerability in Gordon Böhme, Antonio Leutsch Structured Content JSON-LD wpsc.This issue affects Structured Content JSON-LD wpsc: from n/a through 1.5.3...
CVE-2023-49819 WordPress Structured Content Plugin <= 1.5.3 is vulnerable to PHP Object Injection
Deserialization of Untrusted Data vulnerability in Gordon Böhme, Antonio Leutsch Structured Content JSON-LD wpsc.This issue affects Structured Content JSON-LD wpsc: from n/a through 1.5.3...