107 matches found
CVE-2024-29134
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Themefic Tourfic tourfic.This issue affects Tourfic: from n/a through = 2.11.8...
CVE-2024-29134
CVE-2024-29134 affects the Tourfic WordPress plugin (versions up to 2.11.8). It is a Stored XSS due to improper neutralization of input during web page generation. The issue is fixed in Tourfic 2.11.9; administrators should upgrade to the fixed version to mitigate the vulnerability. The connected...
CVE-2024-29134 WordPress Tourfic plugin <= 2.11.8 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Themefic Tourfic tourfic.This issue affects Tourfic: from n/a through = 2.11.8...
CVE-2024-29134 WordPress Tourfic plugin <= 2.11.8 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Themefic Tourfic tourfic.This issue affects Tourfic: from n/a through = 2.11.8...
CVE-2024-29135
CVE-2024-29135 affects the Tourfic WordPress plugin (
CVE-2024-29135 WordPress Tourfic plugin <= 2.11.15 - Arbitrary File Upload vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in Themefic Tourfic tourfic.This issue affects Tourfic: from n/a through = 2.11.15...
CVE-2024-29135 WordPress Tourfic plugin <= 2.11.15 - Arbitrary File Upload vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in Themefic Tourfic tourfic.This issue affects Tourfic: from n/a through = 2.11.15...
CVE-2024-29136 WordPress Tourfic plugin <= 2.11.17 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in Themefic Tourfic tourfic.This issue affects Tourfic: from n/a through = 2.11.17...
CVE-2024-29136 WordPress Tourfic plugin <= 2.11.17 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in Themefic Tourfic tourfic.This issue affects Tourfic: from n/a through = 2.11.17...
CVE-2024-29136
CVE-2024-29136 affects the Tourfic WordPress plugin from Themefic, vulnerable to PHP Object Injection via deserialization of untrusted data in all versions up to 2.11.17. The vulnerability requires at least Subscriber+ authentication and could enable attacker-controlled object injection. Public s...
CVE-2024-29137
The WordPress Tourfic plugin is affected up to version 2.11.7 with a Reflected XSS vulnerability in the place parameter due to insufficient input sanitization and output escaping. This can allow attackers to execute scripts in users’ browsers. Remediation: upgrade to Tourfic 2.11.8 or later. The ...
CVE-2024-29137 WordPress Tourfic plugin <= 2.11.7 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Themefic Tourfic tourfic.This issue affects Tourfic: from n/a through = 2.11.7...
CVE-2024-29137 WordPress Tourfic plugin <= 2.11.7 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Themefic Tourfic tourfic.This issue affects Tourfic: from n/a through = 2.11.7...
WordPress Plugin Tourfic Cross-Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...
WordPress Plugin Tourfic Code Issue Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A code issue vulnerability exists in...
WordPress Plugin Tourfic Code Issue Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. WordPress Plugin Tourfic has a code issue...
PT-2024-22756
Name of the Vulnerable Software and Affected Versions Themefic Tourfic versions prior to 2.11.8 Description The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, allowing Reflected XSS. Recommendations For versions prior to 2.11.8...
WordPress Plugin Tourfic Cross-Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...
PT-2024-22755 · Unknown · Themefic Tourfic
Name of the Vulnerable Software and Affected Versions: Themefic Tourfic versions n/a through 2.11.17 Description: The issue is related to Deserialization of Untrusted Data. This is a type of vulnerability where an application deserializes data from an untrusted source, potentially allowing an...
PT-2024-22753 · Unknown · Themefic Tourfic
Name of the Vulnerable Software and Affected Versions: Themefic Tourfic versions through 2.11.8 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as 'Cross-site Scripting', which allows Stored XSS. This means that an attacker can inject...