EUVD-2021-11625

Malware in sbrugna...

WordPress Video Lessons Manager plugin <= 1.8.0 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin Video Lessons Manager versions = 1.8.0...

WordPress plugin多款产品 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A cross-site scripting vulnerability exists in...

WordPress Video Lessons Manager plugin <= 1.8.2 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by Peter Thaleikis in WordPress Plugin Video Lessons Manager versions = 1.8.2...

WordPress Video Lessons Manager Plugin <= 1.8.2 is vulnerable to Cross Site Scripting (XSS)

Software Video Lessons Manager Type Plugin Vulnerable versions = 1.8.2 Fixed in 1.8.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-11202 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID de6edf652333 Credits Peter...

CVE-2021-24713

The Video Lessons Manager WordPress plugin before 1.7.2 and Video Lessons Manager Pro WordPress plugin before 3.5.9 do not properly sanitize and escape values when updating their settings, which could allow high privilege users to perform Cross-Site Scripting attacks...

CVE-2021-24713

The Video Lessons Manager WordPress plugin before 1.7.2 and Video Lessons Manager Pro WordPress plugin before 3.5.9 do not properly sanitize and escape values when updating their settings, which could allow high privilege users to perform Cross-Site Scripting attacks...

CVE-2021-24713

The CVE-2021-24713 entry affects the WordPress plugins Video Lessons Manager (before 1.7.2) and Video Lessons Manager Pro (before 3.5.9). The root cause is improper sanitization/escaping when updating settings, enabling stored Cross-Site Scripting by privileged users. Reported impacts include XSS...

CVE-2021-24713 Video Lessons Manager - Admin+ Stored Cross-Site Scripting

The Video Lessons Manager WordPress plugin before 1.7.2 and Video Lessons Manager Pro WordPress plugin before 3.5.9 do not properly sanitize and escape values when updating their settings, which could allow high privilege users to perform Cross-Site Scripting attacks...

WordPress 跨站脚本漏洞

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Wordpress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in WordPress Video Lessons Manager, which stems from a...

PT-2021-16216

Name of the Vulnerable Software and Affected Versions Video Lessons Manager WordPress plugin versions prior to 1.7.2 Video Lessons Manager Pro WordPress plugin versions prior to 3.5.9 Description The issue concerns the improper sanitization and escaping of values when updating settings, potential...

Video Lessons Manager - Admin+ Stored Cross-Site Scripting

The plugins do not properly sanitize and escape values when updating their settings, which could allow high privilege users to perform Cross-Site Scripting attacks PoC Open the CM Video Lesson Plugin's Settings page. Click on Label Tab Enter payload like " into the "channel" or "channels" fields...