134 matches found
PT-2024-36589 · WordPress · Schema & Structured Data For Wp & Amp
Name of the Vulnerable Software and Affected Versions: Schema & Structured Data for WP & AMP plugin for WordPress versions up to, and including, 1.33 Description: The issue arises from insufficient input sanitization and output escaping on user-supplied attributes, specifically the url attribute...
Wordpress Schema App Structured Data plugin <= 2.2.0 - Cross-Site Request Forgery vulnerability
Cross-Site Request Forgery vulnerability discovered by Francesco Carlucci in WordPress Plugin Schema App Structured Data versions = 2.2.0...
WordPress Schema App Structured Data Plugin <= 2.2.0 is vulnerable to Cross Site Request Forgery (CSRF)
Software Schema App Structured Data Type Plugin Vulnerable versions = 2.2.0 Fixed in 2.2.1 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-0892 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID c2993c18775c Credits Francesco...
WordPress plugin Schema App Structured Data Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...
Schema App Structured Data <= 2.2.0 - Cross-Site Request Forgery
Description The Schema App Structured Data plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.2.0. This is due to missing or incorrect nonce validation on the MarkUpdate function. This makes it possible for unauthenticated attackers to update...
WordPress plugin Schema App Structured Data 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
PT-2024-15898 · WordPress · Schema App Structured Data
Name of the Vulnerable Software and Affected Versions: The Schema App Structured Data plugin for WordPress versions prior to 2.1.1 Description: The issue allows authenticated attackers with subscriber access or higher to update or delete post metadata due to a missing capability check on the...
CVE-2024-3491
The Schema & Structured Data for WP & AMP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's "How To" and "FAQ" Blocks in all versions up to, and including, 1.29 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...
CVE-2024-3491
CVE-2024-3491 concerns the Schema & Structured Data for WP & AMP plugin for WordPress. The vulnerability is a Stored Cross-Site Scripting (XSS) in the plugin’s How To and FAQ blocks, affecting all versions up to 1.29. It stems from insufficient input sanitization and output escaping on user-suppl...
CVE-2024-3491 Schema & Structured Data for WP & AMP <= 1.29 - Authenticated (Contributor+) Stored Cross-Site Scripting via How To and FAQ Blocks
The Schema & Structured Data for WP & AMP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's "How To" and "FAQ" Blocks in all versions up to, and including, 1.29 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...
WordPress Schema & Structured Data for WP & AMP plugin <= 1.29 - Authenticated (Contributor+) Stored Cross-Site Scripting via How To and FAQ Blocks vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via How To and FAQ Blocks vulnerability discovered by stealthcopter in WordPress Plugin Schema & Structured Data for WP & AMP versions = 1.29...
WordPress plugin Schema & Structured Data for WP & AMP 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
Schema & Structured Data for WP & AMP < 1.30 - Authenticated (Contributor+) Stored Cross-Site Scripting via How To and FAQ Blocks
Description The Schema & Structured Data for WP & AMP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's "How To" and "FAQ" Blocks in all versions up to, and including, 1.29 due to insufficient input sanitization and output escaping on user supplied attributes. Thi...
WordPress Schema & Structured Data for WP & AMP Plugin <= 1.29 is vulnerable to Cross Site Scripting (XSS)
Software Schema & Structured Data for WP & AMP Type Plugin Vulnerable versions = 1.29 Fixed in 1.30 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-3491 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 9d749b7fc8ce Credits...
CVE-2024-1586
The Schema & Structured Data for WP & AMP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the custom schema in all versions up to, and including, 1.26 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers to inject...
CVE-2024-1586
The Schema & Structured Data for WP & AMP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the custom schema in all versions up to, and including, 1.26 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers to inject...
CVE-2024-1288
The Schema & Structured Data for WP & AMP plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'saswpreviewsformrender' function in all versions up to, and including, 1.26. This makes it possible for authenticated attackers, with...
Design/Logic Flaw
The Schema & Structured Data for WP & AMP plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'saswpreviewsformrender' function in all versions up to, and including, 1.26. This makes it possible for authenticated attackers, with...
WordPress Plugin Schema & Structured Data for WP & AMP Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, which supports personal blogs on PHP and MySQL servers.WordPress plugin is an...
WordPress Plugin Schema & Structured Data for WP & AMP Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, which supports personal blogs on PHP and MySQL servers.WordPress plugin is an...