72 matches found
The vulnerability of the update_form() function in the Admin Bar Editor plugin of the WordPress content management system allows a hacker to enable or disable the administrator panel on the website’s external interface.
The vulnerability of the updateform function in the Admin Bar Editor plugin of the WordPress content management system is related to deficiencies in the authentication process. Exploiting this vulnerability could allow an attacker to enable or disable the administrator panel on the website’s...
WordPress Admin Bar Remover plugin <= 1.0.2.2 - Missing Authorization to Authenticated (Subscriber+) Settings Update vulnerability
Missing Authorization to Authenticated Subscriber+ Settings Update vulnerability discovered by Lucio Sá in WordPress Plugin Admin Bar Editor versions = 1.0.2.2...
WordPress Admin Bar Editor Plugin <= 1.0.2.2 is vulnerable to Broken Access Control
Software Admin Bar Editor Type Plugin Vulnerable versions = 1.0.2.2 Fixed in 1.0.23 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-1716 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 919c0767c3fa Credits Lucio Sá Required privileg...
WordPress Admin Bar And Dashboard Access Control 1.28 XSS Vulnerability
WordPress Admin Bar and Dashboard Access Control plugin version 1.28 suffers from a persistent cross site scripting vulnerability. Exploit Title: WordPress Plugin Admin Bar & Dashboard Access Control Version: 1.2.8 - "Dashboard Redirect" field Stored Cross-Site Scripting XSS Exploit Author: Rachi...
WordPress Plugin Admin Bar & Dashboard Access Control Version: 1.2.8 - "Dashboard Redirect" field Stored Cross-Site Scripting (XSS)
Exploit Title: WordPress Plugin Admin Bar & Dashboard Access Control Version: 1.2.8 - "Dashboard Redirect" field Stored Cross-Site Scripting XSS Google Dork: NA Date: 28/10/2023 Exploit Author: Rachit Arora Vendor Homepage: Software Link:...
PT-2024-3162 · WordPress · Admin Bar Remover
Name of the Vulnerable Software and Affected Versions: Admin Bar Remover plugin for WordPress versions up to, and including, 1.0.2.2 Description: The issue is related to a missing capability check on the update form function, which allows authenticated attackers with subscriber-level access and...
CVE-2023-47184
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Proper Fraction LLC. Admin Bar & Dashboard Access Control plugin = 1.2.8 versions...
CVE-2023-47184
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Proper Fraction LLC. Admin Bar & Dashboard Access Control plugin = 1.2.8 versions...
CVE-2023-47184
A vulnerability in Collins Agbonghama Admin Bar & Dashboard Access Control admin-bar-dashboard-control.This issue affects Admin Bar & Dashboard Access Control: from n/a through = 1.2.8...
CVE-2023-47184 WordPress Admin Bar & Dashboard Access Control Plugin <= 1.2.8 is vulnerable to Cross Site Scripting (XSS)
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Proper Fraction LLC. Admin Bar & Dashboard Access Control plugin = 1.2.8 versions...
CVE-2023-47184 WordPress Admin Bar & Dashboard Access Control Plugin <= 1.2.8 is vulnerable to Cross Site Scripting (XSS)
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Proper Fraction LLC. Admin Bar & Dashboard Access Control plugin = 1.2.8 versions...
CVE-2023-47184
The CVE-2023-47184 entry concerns the WordPress plugin Admin Bar & Dashboard Access Control (versions ≤ 1.2.8). The vulnerability is an Authenticated Stored Cross-Site Scripting (XSS) flaw, meaning an attacker with administrative privileges can inject scripts that are later executed by other user...
PT-2023-30350 · Proper Fraction Llc · Admin Bar & Dashboard Access Control
Name of the Vulnerable Software and Affected Versions: Proper Fraction LLC. Admin Bar & Dashboard Access Control plugin versions 1.2.8 and earlier Description: The issue is related to an Authenticated Stored Cross-Site Scripting XSS vulnerability. This means that an attacker with admin access can...
WordPress Plugin Admin Bar & Dashboard Access Control Cross-Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...
WordPress Admin Bar & Dashboard Access Control Plugin <= 1.2.8 is vulnerable to Cross Site Scripting (XSS)
Software Admin Bar & Dashboard Access Control Type Plugin Vulnerable versions = 1.2.8 Fixed in 1.2.9 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-47184 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 7931d5b9940f Credits Rachit Arora...
WordPress Hide Admin Bar Based on User Roles Plugin <= 1.7 is vulnerable to Cross Site Scripting (XSS)
Software Hide Admin Bar Based on User Roles Type Plugin Vulnerable versions = 1.7 Fixed in 1.8 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 3d22aaa97c1e Credits Rafie Muhammad...
WordPress Wp My Admin Bar Plugin <= 3.0.2 is vulnerable to Cross Site Scripting (XSS)
Software Wp My Admin Bar Type Plugin Vulnerable versions = 3.0.2 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 491eed150f92 Credits Rafie Muhammad Patchstack Required...
CVE-2023-23994
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Marcel Bootsman Auto Hide Admin Bar plugin = 1.6.1 versions...
CVE-2023-23994
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Marcel Bootsman Auto Hide Admin Bar plugin = 1.6.1 versions...
Cross site scripting
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Marcel Bootsman Auto Hide Admin Bar plugin = 1.6.1 versions...