CVE-2023-44473 WordPress Table of Contents Plus Plugin <= 2302 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in Michael Tran Table of Contents Plus plugin = 2302 versions...

CVE-2023-44473

CVE-2023-44473 affects the WordPress Table of Contents Plus plugin (versions

CVE-2023-44473 WordPress Table of Contents Plus Plugin <= 2302 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in Michael Tran Table of Contents Plus plugin = 2302 versions...

WordPress Plugin Table of Contents Plus Cross-Site Request Forgery Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

PT-2023-29252 · WordPress · Table Of Contents Plus

Name of the Vulnerable Software and Affected Versions: Michael Tran Table of Contents Plus plugin versions = 2302 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability. This type of vulnerability allows an attacker to trick a user into performing unintended actions on a web...

WordPress Table of Contents Plus Plugin <= 2302 is vulnerable to Cross Site Request Forgery (CSRF)

Software Table of Contents Plus Type Plugin Vulnerable versions = 2302 Fixed in 2309 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-44473 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 9767a2935241 Credits Muhammad Daffa...

WordPress Table of Contents Plus Plugin < 2309 is vulnerable to Cross Site Scripting (XSS)

Software Table of Contents Plus Type Plugin Vulnerable versions 2309 Fixed in 2309 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE N/A Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID add1e3e311bd Credits Unknown Required privilege...

WordPress Joli Table Of Contents Plugin < 2.0.10 is vulnerable to Cross Site Scripting (XSS)

Software Joli Table Of Contents Type Plugin Vulnerable versions 2.0.10 Fixed in 2.0.10 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID dbdc6cbc5b8e Credits Rafie Muhammad Patchstack...

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in WPJoli Joli Table Of Contents plugin = 1.3.9 versions...

CVE-2022-46820

CVE-2022-46820 affects the WPJoli Joli Table Of Contents WordPress plugin, specifically versions

CVE-2022-46820 WordPress Joli Table Of Contents Plugin <= 1.3.9 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in WPJoli Joli Table Of Contents plugin = 1.3.9 versions...

CVE-2022-46820 WordPress Joli Table Of Contents Plugin <= 1.3.9 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in WPJoli Joli Table Of Contents plugin = 1.3.9 versions...

WordPress Easy Table of Contents Plugin <= 2.0.45.2 is vulnerable to Broken Access Control

Software Easy Table of Contents Type Plugin Vulnerable versions = 2.0.45.2 Fixed in 2.0.46 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-25469 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 8f5ee9912e34 Credits Rafshanzani Suhada...

CVE-2022-4551

The Rich Table of Contents WordPress plugin before 1.3.9 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attack...

CVE-2022-4551

The Rich Table of Contents WordPress plugin before 1.3.9 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attack...

Cross site scripting

The Rich Table of Contents WordPress plugin before 1.3.9 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attack...

CVE-2022-4551 Rich Table of Contents < 1.3.9 - Contributor+ Stored XSS

The Rich Table of Contents WordPress plugin before 1.3.9 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attack...

WordPress Table of Contents Plus Plugin < 2212 XSS Vulnerability

The WordPress plugin SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:tableofcontentsplusproject:tableofcontentsplus"; if...

WordPress Rich Table of Contents Plugin <= 1.3.8 is vulnerable to Cross Site Scripting (XSS)

Software Rich Table of Contents Type Plugin Vulnerable versions = 1.3.8 Fixed in 1.3.9 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2022-4551 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 2ac49cba0f41 Credits Lana Codes...

Rich Table of Contents < 1.3.9 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks Note: The shortcode generates the content...