196 matches found
CVE-2023-51399
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPFactory Back Button Widget allows Stored XSS.This issue affects Back Button Widget: from n/a through 1.6.3...
CVE-2023-51399
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPFactory Back Button Widget allows Stored XSS.This issue affects Back Button Widget: from n/a through 1.6.3...
Cross site scripting
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPFactory Back Button Widget allows Stored XSS.This issue affects Back Button Widget: from n/a through 1.6.3...
CVE-2023-51399
The CVE-2023-51399 affects the WordPress WPFactory Back Button Widget plugin (versions ≤ 1.6.3). Root cause: improper neutralization of input during web page generation, enabling Stored XSS. Impact: stored XSS in widget output; PRI/impact as documented (low confidentiality, integrity, availabilit...
PT-2023-31807 · Wpfactory · Wpfactory Back Button Widget
Name of the Vulnerable Software and Affected Versions: WPFactory Back Button Widget versions 1.6.3 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as 'Cross-site Scripting', which allows Stored XSS. This means that an attack...
CVE-2023-47547
Unauth. Reflected Cross-Site Scripting XSS vulnerability in WPFactory Products, Order & Customers Export for WooCommerce plugin = 2.0.7 versions...
CVE-2023-47547
Unauth. Reflected Cross-Site Scripting XSS vulnerability in WPFactory Products, Order & Customers Export for WooCommerce plugin = 2.0.7 versions...
Cross site scripting
Unauth. Reflected Cross-Site Scripting XSS vulnerability in WPFactory Products, Order & Customers Export for WooCommerce plugin = 2.0.7 versions...
CVE-2023-47547
CVE-2023-47547 affects the WPFactory Products, Order & Customers Export for WooCommerce plugin. It is an unauthenticated, reflected XSS in export functionality, impacting versions up to and including 2.0.7. Public sources confirm exploitation vectors rely on injecting scripts via exposed export p...
CVE-2023-36689
Unauth. Reflected Cross-Site Scripting XSS vulnerability in WPFactory WPFactory Helper plugin = 1.5.2 versions...
CVE-2023-36689
Unauth. Reflected Cross-Site Scripting XSS vulnerability in WPFactory WPFactory Helper plugin = 1.5.2 versions...
Cross site scripting
Unauth. Reflected Cross-Site Scripting XSS vulnerability in WPFactory WPFactory Helper plugin = 1.5.2 versions...
CVE-2023-36689 WordPress WPFactory Helper Plugin <= 1.5.2 is vulnerable to Cross Site Scripting (XSS)
Unauth. Reflected Cross-Site Scripting XSS vulnerability in WPFactory WPFactory Helper plugin = 1.5.2 versions...
CVE-2023-36689
WPFactory Helper plugin for WordPress is affected by an unauthenticated Reflected Cross-Site Scripting (XSS) vulnerability in versions 1.5.2 (version 1.5.3 or later). There is no detailed root-cause description beyond “Unauth. Reflected XSS,” and no exploit code is included in the connected docu...
WordPress plugin WPFactory WPFactory Helper Cross Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
WordPress WPFactory Helper Plugin <= 1.5.2 is vulnerable to Cross Site Scripting (XSS)
Software WPFactory Helper Type Plugin Vulnerable versions = 1.5.2 Fixed in 1.5.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-36689 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 4681ca256d88 Credits Le Ngoc Anh...