Cross site scripting
Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability, which allows attackers to inject JS via the "title" parameter in the "/admin/admin-menu/add-submit" endpoint, which can lead to unauthorized execution of scripts in a user's web browser...
CVE-2023-43713
Os Commerce CVE-2023-43713 describes a Cross-Site Scripting (XSS) vulnerability that can be triggered via the title parameter in the /admin/admin-menu/add-submit endpoint. The issue is listed as a reflected XSS (per CVE list data) with a medium CVSS3.1 base score (5.4). Affected product/version d...
PT-2023-29024 · Ritecms · Ritecms
Name of the Vulnerable Software and Affected Versions: Rite CMS version 3.0. Description: The issue allows attackers to execute arbitrary code via a crafted payload into the Global Content Blocks in the Administration Menu. This is a Cross-Site Scripting (XSS) issue. Recommendations: For Rite CMS...
Easy Admin Menu <= 1.3 - Admin+ Stored XSS
Description: The plugin does not validate and escape some parameters, which could allow users with the admin role and above to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)...
CVE-2023-33929
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Joaquín Ruiz Easy Admin Menu plugin <= 1.3 versions...
Cross site scripting
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Joaquín Ruiz Easy Admin Menu plugin <= 1.3 versions...
CVE-2023-33929 WordPress Easy Admin Menu Plugin <= 1.3 is vulnerable to Cross Site Scripting (XSS)
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Joaquín Ruiz Easy Admin Menu plugin <= 1.3 versions...
CVE-2023-33929
CVE-2023-33929 : A stored Cross-Site Scripting (XSS) vulnerability exists in the WordPress plugin Easy Admin Menu by Joaquín Ruiz, affecting versions 1.3 or apply vendor-provided mitigation if available. If upgrading is not possible, monitor for updates from the plugin vendor and affected sites.
WordPress plugin easy-admin-menu cross-site scripting vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting...
WordPress Smart Admin Menu Filter Plugin <= 1.0.1 is vulnerable to Cross Site Scripting (XSS)
Software: Smart Admin Menu Filter; Type: Plugin; Vulnerable versions: <= 1.0.1; Fixed in: N/A; OWASP Top 10: A3: Injection; Classification: Cross Site Scripting (XSS); CVE: CVE-2023-33999; Patch priority: Medium; CVSS severity: Medium (7.1); PSID: 6bdc701a1bda; Credits: Rafie Muhammad Patchstack...
WordPress Easy Admin Menu Plugin <= 1.3 is vulnerable to Cross Site Scripting (XSS)
Software: Easy Admin Menu; Type: Plugin; Vulnerable versions: <= 1.3; Fixed in: N/A; OWASP Top 10: A7: Cross-Site Scripting (XSS); Classification: Cross Site Scripting (XSS); CVE: CVE-2023-33929; Patch priority: Low; CVSS severity: Low (5.9); PSID: d28d5c2d98dc; Credits: Rio Darmawan; Required...
CVE-2023-29848
Bang Resto 1.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the itemName parameter in the admin/menu.php Add New Menu function...
PT-2023-22444 · Unknown · Bang Resto
Name of the Vulnerable Software and Affected Versions: Bang Resto version 1.0. Description: The issue is related to a stored cross-site scripting (XSS) vulnerability. This vulnerability can be exploited via the itemName parameter in the admin/menu.php Add New Menu function. Recommendations: For Bang...
CVE-2023-0257
A vulnerability was found in SourceCodester Online Food Ordering System 2.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /fos/admin/index.php?page=menu of the component Menu Form. The manipulation of the argument Image with the input...
Online Food Ordering System code issue vulnerability
Online Food Ordering System is an online food ordering system. Online Food Ordering System suffers from an arbitrary file upload vulnerability, which stems from a lack of validation of the uploaded file in the file /fos/admin/index.php?page=menu of the component Menu Form, and can be exploited by...
Fast Food Ordering System SQL injection vulnerability
Fast Food Ordering System is a fast food ordering system by individual developer Carlo Montero. Version 1.0 of Fast Food Ordering System is vulnerable to SQL injection, which originates from /ffos/admin/menus/viewmenu.php?id=page: the lack of validation of external input in SQL statements can be...
CVE-2022-0625
The Admin Menu Editor WordPress plugin through 1.0.4 does not sanitize and escape a parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting...
CVE-2022-0625
The CVE-2022-0625 entry concerns the WordPress plugin Admin Menu Editor (versions ≤ 1.0.4). The vulnerability is a Reflected Cross-Site Scripting caused by insufficient sanitization/escaping of a parameter before output on an admin page. Impact is a reflected XSS vector in the admin interface. Re...