284 matches found
CVE-2024-43304
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Cool Plugins Cryptocurrency Widgets – Price Ticker & Coins List allows Reflected XSS.This issue affects Cryptocurrency Widgets – Price Ticker & Coins List: from n/a through 2.8.0...
CVE-2024-43304
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Cool Plugins Cryptocurrency Widgets – Price Ticker & Coins List allows Reflected XSS.This issue affects Cryptocurrency Widgets – Price Ticker & Coins List: from n/a through 2.8.0...
CVE-2024-43304 WordPress Cryptocurrency Widgets plugin <= 2.8.0 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Cool Plugins Cryptocurrency Widgets – Price Ticker & Coins List allows Reflected XSS.This issue affects Cryptocurrency Widgets – Price Ticker & Coins List: from n/a through 2.8.0...
WordPress plugin Cryptocurrency Widgets – Price Ticker & Coins List 跨站脚本漏洞
WordPress and the WordPress plugin are both products of the WordPress Foundation, a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site scripting vulnerability exists in WordPress plugi...
WordPress Cryptocurrency Widgets plugin <= 2.8.0 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting XSS vulnerability discovered by Trương Hữu Phúc Patchstack Alliance in WordPress Plugin Cryptocurrency Widgets – Price Ticker & Coins List versions = 2.8.0...
WordPress Cryptocurrency Widgets – Price Ticker & Coins List Plugin <= 2.8.0 is vulnerable to Cross Site Scripting (XSS)
Software Cryptocurrency Widgets – Price Ticker & Coins List Type Plugin Vulnerable versions = 2.8.0 Fixed in 2.8.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-43304 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID bdccb41579f9 Credi...
WordPress Stock Ticker plugin <= 3.24.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via stock_ticker Shortcode vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via stockticker Shortcode vulnerability discovered by Dale Mavers in WordPress Plugin Stock Ticker versions = 3.24.4...
WordPress Stock Ticker Plugin <= 3.24.4 is vulnerable to Cross Site Scripting (XSS)
Software Stock Ticker Type Plugin Vulnerable versions = 3.24.4 Fixed in 3.24.6 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-6363 Patch priority Low CVSS severity Low 6.5 Developer Aleksandar Urošević PSID b2196f70b406 Credits Dale Mavers Required...
CVE-2024-6363
The Stock Ticker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's stockticker shortcode in all versions up to, and including, 3.24.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...
CVE-2024-6363
The Stock Ticker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's stockticker shortcode in all versions up to, and including, 3.24.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...
CVE-2024-6363
CVE-2024-6363 applies to the WordPress Stock Ticker plugin. The vulnerability is a Stored Cross-Site Scripting flaw in the stock_ticker shortcode due to insufficient input sanitization and output escaping. It affects all versions up to and including 3.24.4. Exploitation requires authentication (C...
CVE-2024-6363 Stock Ticker <= 3.24.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via stock_ticker Shortcode
The Stock Ticker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's stockticker shortcode in all versions up to, and including, 3.24.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...
CVE-2024-6363 Stock Ticker <= 3.24.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via stock_ticker Shortcode
The Stock Ticker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's stockticker shortcode in all versions up to, and including, 3.24.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...
PT-2024-37568 · WordPress · Stock Ticker
Name of the Vulnerable Software and Affected Versions: Stock Ticker plugin for WordPress versions up to, and including, 3.24.4 Description: The issue is related to Stored Cross-Site Scripting via the stock ticker shortcode due to insufficient input sanitization and output escaping on user-supplie...
WordPress plugin Stock Ticker security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
XMB 1.9.12.06 - Stored XSS
Exploit Title: Persistent XSS in XMB 1.9.12.06 Date: 06/12/2024 Exploit Author: Chokri Hammedi Vendor Homepage: https://www.xmbforum2.com/ Software Link: https://www.xmbforum2.com/download/XMB-1.9.12.06.zip Version: 1.9.12.06 Tested on: Windows XP CVE: N/A Vulnerability Details A persistent store...
CVE-2024-3647
The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's post ticker widget in all versions up to, and including, 4.10.28 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2024-3021
The CVE-2024-3021 entry concerns the Mhr Post Ticker WordPress plugin. Reported vulnerability: Stored Cross-Site Scripting via the Header Title value in all versions up to and including 1.1, caused by insufficient input sanitization and output escaping. Impact is limited to multi-site WordPress i...
PT-2024-27016 · WordPress · Premium Addons For Elementor
Name of the Vulnerable Software and Affected Versions: Premium Addons for Elementor plugin for WordPress versions up to, and including, 4.10.28 Description: The issue is related to Stored Cross-Site Scripting via the plugin's post ticker widget due to insufficient input sanitization and output...
WordPress plugin Mhr Post Ticker 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...