91 matches found

Prion
added 2021/09/10 2:15 p.m. | 11 views

Cross site scripting

The Wise Agent Capture Forms WordPress plugin is vulnerable to Reflected Cross-Site Scripting due to a reflected $_SERVER["PHP_SELF"] value in the /WiseAgentCaptureForm.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.0...

CVSS 4.3 | AI score 6 | EPSS 0.00288
Exploits: 1 | References: 2 | Affected Software: 1
Cvelist
added 2021/09/10 1:33 p.m. | 14 views

CVE-2021-38341 WooCommerce Payment Gateway Per Category <= 2.0.10 Reflected Cross-Site Scripting

The WooCommerce Payment Gateway Per Category WordPress plugin is vulnerable to Reflected Cross-Site Scripting due to a reflected $_SERVER["PHP_SELF"] value in the /includes/pluginsettings.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 2.0.10...

CVSS 6.1 | AI score 6.2 | EPSS 0.00288
Exploits: 1 | References: 2
WPVulnDB
added 2021/09/08 12:00 a.m. | 19 views

simpleSAMLphp Authentication <= 0.7.0 - Reflected Cross-Site Scripting

The plugin is vulnerable to Reflected Cross-Site Scripting due to a reflected $_SERVER["PHP_SELF"] value in the /simplesamlphp-authentication.php file which allows attackers to inject arbitrary web scripts...

CVSS 6.1 | AI score 4.1 | EPSS 0.00258
Exploits: 1 | References: 1 | Affected Software: 1
WPVulnDB
added 2021/08/18 12:00 a.m. | 13 views

Jock on air now < 5.6.2 - Reflected Cross-Site Scripting

The plugin does not escape the $_SERVER['PHP_SELF'] value before outputting it back in an attribute in its settings, leading to a Reflected Cross-Site Scripting issue. PoC https://example.com/wp-admin/admin.php/"/?page=joansettings...

AI score 0.3
Exploits: 0 | Affected Software: 1
NVD
added 2021/08/16 7:15 p.m. | 10 views

CVE-2021-34663

The jQuery Tagline Rotator WordPress plugin is vulnerable to Reflected Cross-Site Scripting due to the use of $_SERVER['PHP_SELF'] in the /jquery-tagline-rotator.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 0.1.5...

CVSS 6.1 | EPSS 0.0021
Exploits: 1 | References: 2
Cvelist
added 2021/08/16 6:22 p.m. | 12 views

CVE-2021-34658 Simple Popup Newsletter <= 1.4.7 Reflected Cross-Site Scripting

The Simple Popup Newsletter WordPress plugin is vulnerable to Reflected Cross-Site Scripting due to the use of $_SERVER['PHP_SELF'] in the /simple-popup-newsletter.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.4.7...

CVSS 6.1 | AI score 6.2 | EPSS 0.0021
Exploits: 1 | References: 2
Cvelist
added 2021/08/16 6:22 p.m. | 12 views

CVE-2021-34644 Multiplayer Games <= 3.7 Reflected Cross-Site Scripting

The Multiplayer Games WordPress plugin is vulnerable to Reflected Cross-Site Scripting due to the use of $_SERVER['PHP_SELF'] in the /multiplayergames.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 3.7...

CVSS 6.1 | AI score 6.2 | EPSS 0.0021
Exploits: 1 | References: 2
WPVulnDB
added 2021/08/13 12:00 a.m. | 30 views

WP Fountain <= 1.5.9 - Reflected Cross-Site Scripting

The plugin is vulnerable to Reflected Cross-Site Scripting due to the use of $_SERVER['PHP_SELF'] in the /wp-fountain.php file which allows attackers to inject arbitrary web scripts...

CVSS 6.1 | AI score 4 | EPSS 0.0021
Exploits: 1 | References: 1 | Affected Software: 1
Cvelist
added 2021/08/11 3:00 p.m. | 11 views

CVE-2021-34640 Securimage-WP-Fixed <= 3.5.4 Reflected Cross-Site Scripting

The Securimage-WP-Fixed WordPress plugin is vulnerable to Reflected Cross-Site Scripting due to the use of $_SERVER['PHP_SELF'] in the /securimage-wp.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 3.5.4...

CVSS 6.1 | AI score 6.2 | EPSS 0.03864
Exploits: 2 | References: 2
CVE
added 2021/08/11 3:00 p.m. | 75 views

CVE-2021-34640

CVE-2021-34640 affects the WordPress plugin Securimage-WP-Fixed (versions ≤ 3.5.4). The vulnerability is a reflected Cross-Site Scripting (XSS) caused by using $_SERVER['PHP_SELF'] in the securimage-wp.php file, allowing attackers to inject arbitrary web scripts into the affected site. Impact is ...

CVSS 6.1 | AI score 6 | EPSS 0.03864
Exploits: 2 | References: 2 | Affected Software: 1
Cvelist
added 2021/07/30 8:45 p.m. | 15 views

CVE-2021-34630 Reflected XSS in GTranslate Pro and GTranslate Enterprise < 2.8.65

In the Pro and Enterprise versions of GTranslate < 2.8.65, the gtranslate_request_uri_var function runs at the top of all pages and echoes out the contents of $_SERVER['REQUEST_URI']. Although this uses addslashes, and most modern browsers automatically URL-encode requests, this plugin is still vulnerable ...

CVSS 5 | AI score 6 | EPSS 0.02674
Exploits: 2 | References: 1
wpexploit
added 2021/07/23 12:00 a.m. | 164 views

GTranslate < 2.8.65 - Reflected Cross-Site Scripting (XSS)

In the Pro and Enterprise versions of GTranslate alert123;...

CVSS 4.3 | AI score 1.6 | EPSS 0.02674
Exploits: 2 | References: 1
Cvelist
added 2021/04/12 2:04 p.m. | 14 views

CVE-2021-24226 AccessAlly < 3.5.7 - $_SERVER Superglobal Leakage

In the AccessAlly WordPress plugin before 3.5.7, the file "resource/frontend/product/product-shortcode.php" responsible for the accessally_order_form shortcode is dumping serialize($_SERVER), which contains all environment variables. The leakage occurs on all public facing pages containing the...

AI score 7.7 | EPSS 0.25403
Exploits: 2 | References: 1
Veracode
added 2020/02/19 8:16 a.m. | 10 views

Cross-site Scripting (XSS)

dolibarr is vulnerable to cross-site scripting (XSS). The attack exists because it does not properly HTML-encode the $_SERVER["HTTP_REFERER"] value before output, allowing an attacker to inject and execute malicious script...

CVSS 5.4 | AI score 1.9 | EPSS 0.00234
Exploits: 1 | References: 2 | Affected Software: 1
CVE
added 2018/09/23 6:00 p.m. | 39 views

CVE-2018-17361

CVE-2018-17361 affects WeaselCMS v0.3.6 (PHP). Multiple XSS vulnerabilities allow remote attackers to inject arbitrary web script or HTML via PATH_INFO to index.php; root cause is mishandling of $_SERVER['PHP_SELF']. Public exploit details are not provided in the connected documents; no remediati...

CVSS 6.1 | AI score 6 | EPSS 0.00223
Exploits: 1 | References: 1 | Affected Software: 1
Cvelist
added 2018/09/14 7:00 a.m. | 16 views

CVE-2018-17039

MiniCMS 1.10, when Internet Explorer is used, allows XSS via a crafted URI because $_SERVER['REQUEST_URI'] is mishandled...

AI score 6 | EPSS 0.0024
Exploits: 1 | References: 1
OSV
added 2017/11/18 1:29 a.m. | 14 views

CVE-2017-14077

HTML Injection in Securimage 3.6.4 and earlier allows remote attackers to inject arbitrary HTML into an e-mail message body via the $_SERVER['HTTP_USER_AGENT'] parameter to example_form.ajax.php or example_form.php...

CVSS 6.1 | AI score 7.2
Exploits: 0 | References: 2
Prion
added 2017/11/18 1:29 a.m. | 10 views

Design/Logic Flaw

HTML Injection in Securimage 3.6.4 and earlier allows remote attackers to inject arbitrary HTML into an e-mail message body via the $_SERVER['HTTP_USER_AGENT'] parameter to example_form.ajax.php or example_form.php...

CVSS 4.3 | AI score 6.5 | EPSS 0.00233
Exploits: 1 | References: 2 | Affected Software: 1
NVD
added 2017/11/18 1:29 a.m. | 18 views

CVE-2017-14077

HTML Injection in Securimage 3.6.4 and earlier allows remote attackers to inject arbitrary HTML into an e-mail message body via the $_SERVER['HTTP_USER_AGENT'] parameter to example_form.ajax.php or example_form.php...

CVSS 6.1 | AI score 6.5 | EPSS 0.00233
Exploits: 1 | References: 2
Hacker One
added 2017/06/19 1:42 p.m. | 44 views

Automattic: woocommerce - prevent_caching() bug / bypass

As a guest, visit the following links and look at the headers. Yup, there are no caching headers in the response. https://woocommerce.com/.cart/ https://woocommerce.com/+cart/ https://woocommerce.com/-cart/...

Exploits: 0