WordPress Beaver Builder Addons by WPZOOM plugin <= 1.3.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Testimonials Widget vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Testimonials Widget vulnerability discovered by Francesco Carlucci in WordPress Plugin Beaver Builder Addons by WPZOOM versions = 1.3.4...

WordPress Testimonials Widget plugin <= 4.0.4 - Authenticated (Author+) Stored Cross-Site Scripting via testimonials Shortcode vulnerability

Authenticated Author+ Stored Cross-Site Scripting via testimonials Shortcode vulnerability discovered by stealthcopter in WordPress Plugin Testimonials Widget versions = 4.0.4...

WordPress The Plus Addons for Elementor - Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce plugin <= 5.6.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Testimonials Widget Settings vulnerability

WordPress The Plus Addons for Elementor - Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce plugin = 5.6.2 - Authenticated Contributor+ Stored Cross-Site Scripting via Testimonials Widget Settings vulnerability discovered by Ngô Thiên An ancorn in WordPress Plugin The Plus Addons...

EUVD-2024-44302

Malicious code in bioql PyPI...

EUVD-2024-36752

Malicious code in bioql PyPI...

EUVD-2024-27149

Malicious code in bioql PyPI...

EUVD-2024-46772

Malicious code in bioql PyPI...

CVE-2024-4705

The Testimonials Widget plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's testimonials shortcode in all versions up to, and including, 4.0.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

CVE-2024-37553

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Axelerant Testimonials Widget allows Stored XSS.This issue affects Testimonials Widget: from n/a through 4.0.4...

CVE-2024-5583

The The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the carouseldirection parameter of testimonials widget in all versions up to, and including, 5.6.2 due to insufficient input...

CVE-2024-5583

The The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the carouseldirection parameter of testimonials widget in all versions up to, and including, 5.6.2 due to insufficient input...

CVE-2024-5583 The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce <= 5.6.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Testimonials Widget Settings

The The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the carouseldirection parameter of testimonials widget in all versions up to, and including, 5.6.2 due to insufficient input...

PT-2024-36590 · Elementor · The Plus Addons For Elementor

Name of the Vulnerable Software and Affected Versions: The Plus Addons for Elementor versions up to, and including, 5.6.2 Description: The issue is related to Stored Cross-Site Scripting via the carousel direction parameter of the testimonials widget. This is due to insufficient input sanitizatio...

CVE-2024-37553

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Axelerant Testimonials Widget allows Stored XSS.This issue affects Testimonials Widget: from n/a through 4.0.4...

CVE-2024-37553

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Axelerant Testimonials Widget allows Stored XSS.This issue affects Testimonials Widget: from n/a through 4.0.4...

CVE-2024-37553 WordPress Testimonials Widget plugin <= 4.0.4 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Axelerant Testimonials Widget allows Stored XSS.This issue affects Testimonials Widget: from n/a through 4.0.4...

CVE-2024-37553

CVE-2024-37553 : Affects WordPress plugin Testimonials Widget (vulnerable: up to 4.0.4). Root cause: Improper Neutralization of Input During Web Page Generation, enabling Stored XSS. Exploitation status (per connected data): Unpatched. Public references indicate PatchStack discussion; CVSS bases ...

CVE-2024-37553 WordPress Testimonials Widget plugin <= 4.0.4 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Axelerant Testimonials Widget allows Stored XSS.This issue affects Testimonials Widget: from n/a through 4.0.4...

WordPress Testimonials Widget plugin <= 4.0.4 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Joshua Chan Patchstack Alliance in WordPress Plugin Testimonials Widget versions = 4.0.4...

WordPress Testimonials Widget Plugin <= 4.0.4 is vulnerable to Cross Site Scripting (XSS)

Software Testimonials Widget Type Plugin Vulnerable versions = 4.0.4 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-37553 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID e3f989753985 Credits Joshua Chan Required privilege...