Lucene search
K

119 matches found

Patchstack
Patchstack
added 2023/07/28 12:0 a.m.11 views

WordPress Enhanced Text Widget Plugin <= 1.5.7 is vulnerable to Cross Site Request Forgery (CSRF)

Software Enhanced Text Widget Type Plugin Vulnerable versions = 1.5.7 Fixed in 1.5.8 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-3977 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 005d3b171c4a Credits WordFence...

4.3CVSS4.4AI score0.00512EPSS
Exploits1References4Affected Software1
Patchstack
Patchstack
added 2023/07/28 12:0 a.m.10 views

WordPress Enhanced Text Widget Plugin <= 1.5.7 is vulnerable to Broken Access Control

Software Enhanced Text Widget Type Plugin Vulnerable versions = 1.5.7 Fixed in 1.5.8 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-0958 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 2f1a0df14a11 Credits WordFence Required...

6.5CVSS6.2AI score0.00557EPSS
Exploits0References4Affected Software1
Patchstack
Patchstack
added 2023/06/28 12:0 a.m.9 views

WordPress Enhanced Text Widget Plugin <= 1.5.8 is vulnerable to Broken Access Control

Software Enhanced Text Widget Type Plugin Vulnerable versions = 1.5.8 Fixed in 1.5.9 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-23823 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 8e733a2c39ab Credits Muhammad Daffa Required...

6.3AI score0.00486EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2023/06/22 12:15 p.m.22 views

CVE-2023-26539

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Max Chirkov Advanced Text Widget plugin = 2.1.2 versions...

5.9CVSS5.4AI score0.00369EPSS
Exploits0References1
OSV
OSV
added 2023/06/22 12:15 p.m.3 views

CVE-2023-26539

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Max Chirkov Advanced Text Widget plugin = 2.1.2 versions...

4.8CVSS7.3AI score0.00369EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/06/22 11:50 a.m.14 views

CVE-2023-26539 WordPress Advanced Text Widget Plugin <= 2.1.2 is vulnerable to Cross Site Scripting (XSS)

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Max Chirkov Advanced Text Widget plugin = 2.1.2 versions...

5.9CVSS5.6AI score0.00369EPSS
Exploits0References1
CVE
CVE
added 2023/06/22 11:50 a.m.38 views

CVE-2023-26539

CVE-2023-26539 affects the WordPress plugin Advanced Text Widget (versions

5.9CVSS5AI score0.00369EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2023/06/22 12:0 a.m.5 views

WordPress plugin Advanced Text Widget 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

5.9CVSS6.2AI score0.00369EPSS
Exploits0References2
Patchstack
Patchstack
added 2023/02/28 12:0 a.m.14 views

WordPress Advanced Text Widget Plugin <= 2.1.2 is vulnerable to Cross Site Scripting (XSS)

Software Advanced Text Widget Type Plugin Vulnerable versions = 2.1.2 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-26539 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 594fab9af0b0 Credits Rio Darmawan Require...

5.9CVSS6AI score0.00369EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2014/11/16 11:59 a.m.2 views

DEBIAN-CVE-2014-3756

The client in Mumble 1.2.x before 1.2.6 allows remote attackers to force the loading of an external file and cause a denial of service hang and resource consumption via a crafted string that is treated as rich-text by a Qt widget, as demonstrated by the 1 user or 2 channel name in a Qt dialog, 3...

5CVSS6.8AI score0.0148EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2014/08/01 10:58 a.m.11 views

Advanced Text Widget <= 2.0.0 - Cross Site Scripting

The Advanced Text Widget WordPress plugin was affected by a Cross Site Scripting security vulnerability...

1.8AI score
Exploits0References1Affected Software1
NVD
NVD
added 2013/01/24 1:55 a.m.13 views

CVE-2011-4618

Cross-site scripting XSS vulnerability in advancedtext.php in Advanced Text Widget plugin before 2.0.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the page parameter...

4.3CVSS5.8AI score0.10083EPSS
Exploits1References8
Prion
Prion
added 2013/01/24 1:55 a.m.13 views

Cross site scripting

Cross-site scripting XSS vulnerability in advancedtext.php in Advanced Text Widget plugin before 2.0.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the page parameter...

4.3CVSS6.2AI score0.10083EPSS
Exploits1References8Affected Software1
CVE
CVE
added 2013/01/24 1:0 a.m.76 views

CVE-2011-4618

The CVE-2011-4618 entry concerns a Cross-Site Scripting (XSS) vulnerability in the WordPress plugin Advanced Text Widget (file advancedtext.php) before version 2.0.2. The underlying issue is improper handling of the page parameter, allowing remote attackers to inject arbitrary web script or HTML ...

4.3CVSS6AI score0.10083EPSS
Exploits1References8Affected Software1
Cvelist
Cvelist
added 2013/01/24 1:0 a.m.22 views

CVE-2011-4618

Cross-site scripting XSS vulnerability in advancedtext.php in Advanced Text Widget plugin before 2.0.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the page parameter...

5.8AI score0.10083EPSS
Exploits1References8
seebug.org
seebug.org
added 2011/11/22 12:0 a.m.42 views

WordPress Advanced Text Widget plugin suffers from a cross site scripting vulnerability

No description provided by source. Islamic Republic Of Iran Security Team Www.IrIsT.Ir Wordpress advanced-text-widget Plugin Cross-Site Scripting Vulnerabilities Download......: http://wordpress.org/extend/plugins/advanced-text-widget/...

7.1AI score
Exploits0
Patchstack
Patchstack
added 2011/11/21 12:0 a.m.18 views

WordPress Advanced Text Widget Plugin 2.0 - Cross Site Scripting

WordPress Advanced Text Widget plugin's "page" parameter is prone to a cross-site scripting vulnerability. It fails to properly clean up user-supplied input. An attacker may execute arbitrary script code in the browser of an user in the context of the affected site. In this way the attacker can...

4.3CVSS2AI score0.10083EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2011/11/21 12:0 a.m.20 views

WordPress Advanced Text Widget Plugin 2.0 - Cross Site Scripting

WordPress Advanced Text Widget plugin's "page" parameter is prone to a cross-site scripting vulnerability. It fails to properly clean up user-supplied input. An attacker may execute arbitrary script code in the browser of an user in the context of the affected site. In this way the attacker can...

4.3CVSS2AI score0.10083EPSS
Exploits1References1Affected Software1
Exploit DB
Exploit DB
added 2011/11/21 12:0 a.m.29 views

WordPress Plugin Advanced Text Widget 2.0 - &#039;page&#039; Cross-Site Scripting

source: https://www.securityfocus.com/bid/50744/info Advanced Text Widget plugin for WordPress is prone to a cross-site-scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...

7.4AI score
Exploits0
Rows per page
Query Builder