WordPress Blur Text Plugin <= 1.0.0 - Stored Cross Site Scripting (XSS) vulnerability

Stored Cross Site Scripting XSS vulnerability discovered by 0xd4rk5id3 in WordPress Plugin Blur Text versions = 1.0.0...

WordPress plugin Typing Text 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

WordPress Typing Text plugin <= 1.2.7 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Savphill Patchstack Alliance in WordPress Plugin Typing Text versions = 1.2.7...

WordPress plugin Persian Nested Show/Hide Text 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

CVE-2024-7382

The Linkify Text plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 1.9.1. This is due to the plugin utilizing bootstrap and leaving test files with displayerrors on. This makes it possible for unauthenticated attackers to retrieve the full path of th...

PT-2024-38312 · WordPress · Linkify Text

Name of the Vulnerable Software and Affected Versions: Linkify Text plugin for WordPress versions up to and including 1.9.1 Description: The issue is related to Full Path Disclosure, which occurs because the plugin uses bootstrap and leaves test files with display errors enabled. This allows...

WordPress Linkify Text Plugin <= 1.9.1 is vulnerable to Sensitive Data Exposure

Software Linkify Text Type Plugin Vulnerable versions = 1.9.1 Fixed in N/A OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2024-7382 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 52ceca8d5945 Credits stealthcopter Required privileg...

CVE-2024-5444 Bible Text <= 0.2 - Contributor+ Stored XSS

The Bible Text WordPress plugin through 0.2 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

WordPress plugin Bible Text security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation, WordPress is a blogging platform developed in PHP. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the WordPress plugin...

WordPress Bible Text plugin <= 0.2 - Contributor+ Stored XSS vulnerability

Contributor+ Stored XSS vulnerability discovered by Bob Matyas in WordPress Plugin Bible Text versions = 0.2...

WordPress Bible Text Plugin <= 0.2 is vulnerable to Cross Site Scripting (XSS)

Software Bible Text Type Plugin Vulnerable versions = 0.2 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-5444 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID d17108b2186b Credits Bob Matyas Required privilege...

WordPress Typing Text plugin <= 1.2.5 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by vps1- Patchstack Alliance in WordPress Plugin Typing Text versions = 1.2.5...

WordPress Typing Text Plugin <= 1.2.5 is vulnerable to Cross Site Scripting (XSS)

Software Typing Text Type Plugin Vulnerable versions = 1.2.5 Fixed in 1.2.6 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-5058 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 91cc21022825 Credits vps1- Required privilege Contributor...

BIT-GRAFANA-2023-22462 Stored XSS in Grafana Text plugin

Grafana is an open-source platform for monitoring and observability. On 2023-01-01 during an internal audit of Grafana, a member of the security team found a stored XSS vulnerability affecting the core plugin "Text". The stored XSS vulnerability requires several user interactions in order to be...

Neon text < 1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting

Description The Neon text plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's neontextbox shortcode in all versions up to, and including, 1.1 due to insufficient input sanitization and output escaping on user supplied attributes color. This makes it possible for...

CVE-2023-5817

The Neon text plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's neontextbox shortcode in all versions up to, and including, 1.1 due to insufficient input sanitization and output escaping on user supplied attributes color. This makes it possible for authenticated...

Cross site scripting

The Neon text plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's neontextbox shortcode in all versions up to, and including, 1.1 due to insufficient input sanitization and output escaping on user supplied attributes color. This makes it possible for authenticated...

CVE-2023-5817 Neon text <= 1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Neon text plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's neontextbox shortcode in all versions up to, and including, 1.1 due to insufficient input sanitization and output escaping on user supplied attributes color. This makes it possible for authenticated...

CVE-2023-5817 Neon text <= 1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Neon text plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's neontextbox shortcode in all versions up to, and including, 1.1 due to insufficient input sanitization and output escaping on user supplied attributes color. This makes it possible for authenticated...

WordPress plugin Neon text cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...