16 matches found
EUVD-2023-37018
Malicious code in bioql PyPI...
EUVD-2023-58217
Malicious code in bioql PyPI...
CVE-2023-32797
Unauth. Reflected Cross-Site Scripting XSS vulnerability in I Thirteen Web Solution video carousel slider with lightbox plugin = 1.0.22 versions...
CVE-2023-2710
The video carousel slider with lightbox plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the searchterm parameter in versions up to, and including, 1.0.22 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to...
PT-2024-10743 · WordPress · Video Carousel Slider With Lightbox Plugin
Name of the Vulnerable Software and Affected Versions: video carousel slider with lightbox plugin for WordPress versions 1.0.0 through 1.0.6 Description: The issue is related to SQL Injection via the id parameter due to insufficient escaping on the user-supplied parameter and lack of sufficient...
WordPress plugin video carousel slider with lightbox SQL注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A SQL injection vulnerability exists in the...
PT-2023-32434 · WordPress · Video Carousel Slider With Lightbox Plugin For Wordpress
Name of the Vulnerable Software and Affected Versions: video carousel slider with lightbox plugin for WordPress version 1.0 Description: The issue is due to missing or incorrect nonce validation on the responsive video gallery with lightbox video management func function, making it possible for...
WordPress Plugin video carousel slider with lightbox Cross-site Request Forgery Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...
CVE-2023-32797
Unauth. Reflected Cross-Site Scripting XSS vulnerability in I Thirteen Web Solution video carousel slider with lightbox plugin = 1.0.22 versions...
CVE-2023-32797
CVE-2023-32797 is an unauthenticated reflected XSS vulnerability in the WordPress plugin “I Thirteen Web Solution video carousel slider with lightbox” (versions
PT-2023-24031 · I Thirteen Web Solution · Video Carousel Slider With Lightbox Plugin
Name of the Vulnerable Software and Affected Versions: I Thirteen Web Solution video carousel slider with lightbox plugin versions 1.0.22 and earlier Description: The issue is related to an Unauth. Reflected Cross-Site Scripting XSS vulnerability. This means that an attacker could potentially...
WordPress Plugin video carousel slider with lightbox 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
Cross site scripting
The video carousel slider with lightbox plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the searchterm parameter in versions up to, and including, 1.0.22 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to...
PT-2023-20954 · WordPress · Video Carousel Slider With Lightbox
Name of the Vulnerable Software and Affected Versions: Video Carousel Slider with Lightbox plugin for WordPress versions up to, and including, 1.0.22 Description: The issue is related to Reflected Cross-Site Scripting via the search term parameter due to insufficient input sanitization and output...
WordPress video carousel slider with lightbox Plugin <= 1.0.22 is vulnerable to Cross Site Scripting (XSS)
Software video carousel slider with lightbox Type Plugin Vulnerable versions = 1.0.22 Fixed in 1.0.23 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-32797 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 914412fc8def...
video carousel slider with lightbox < 1.0.23 - Reflected XSS
The plugin does not sanitise and escape the searchterm parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...