143 matches found
WordPress ARI Fancy Lightbox Plugin <= 1.3.14 is vulnerable to Cross Site Scripting (XSS)
Software ARI Fancy Lightbox Type Plugin Vulnerable versions = 1.3.14 Fixed in 1.3.15 OWASP Top 10 A6: Vulnerable and Outdated Components Classification Cross Site Scripting XSS CVE CVE-2024-4367 Patch priority Low CVSS severity Low 4 Developer Claim ownership PSID c2fee65eb87c Credits Yudistira...
CVE-2023-47513
Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in ARI Soft ARI Stream Quiz allows Code Injection.This issue affects ARI Stream Quiz: from n/a through 1.3.2...
CVE-2023-47513 WordPress ARI Stream Quiz – WordPress Quizzes Builder plugin <= 1.3.2 - Content Injection vulnerability
Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in ARI Soft ARI Stream Quiz allows Code Injection.This issue affects ARI Stream Quiz: from n/a through 1.3.2...
CVE-2023-47513 WordPress ARI Stream Quiz – WordPress Quizzes Builder plugin <= 1.3.2 - Content Injection vulnerability
Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in ARI Soft ARI Stream Quiz allows Code Injection.This issue affects ARI Stream Quiz: from n/a through 1.3.2...
CVE-2023-26566
CVE-2023-26566 affects Sangoma FreePBX 1805–2203 on Linux, with hardcoded Asterisk REST Interface (ARI) credentials. This enables remote attackers to reconfigure Asterisk and place calls via ARI endpoints over HTTP and WebSocket. The connected sources note the issue and provide remediation guidan...
CVE-2023-51487
Cross-Site Request Forgery CSRF vulnerability in ARI Soft ARI Stream Quiz.This issue affects ARI Stream Quiz: from n/a through 1.2.32...
CVE-2023-51487
Cross-Site Request Forgery CSRF vulnerability in ARI Soft ARI Stream Quiz.This issue affects ARI Stream Quiz: from n/a through 1.2.32...
CVE-2023-51487 WordPress ARI Stream Quiz – WordPress Quizzes Builder plugin <= 1.2.32 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in ARI Soft ARI Stream Quiz.This issue affects ARI Stream Quiz: from n/a through 1.2.32...
CVE-2023-51487 WordPress ARI Stream Quiz – WordPress Quizzes Builder plugin <= 1.2.32 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in ARI Soft ARI Stream Quiz.This issue affects ARI Stream Quiz: from n/a through 1.2.32...
CVE-2023-51487
CVE-2023-51487 is a CSRF vulnerability in the ARI Stream Quiz WordPress plugin, affecting ARI Stream Quiz versions up to 1.2.32. The connected documents confirm the issue exists and reference CSRF as the vulnerability type, but do not provide an explicit fixed version or patch details. Affected p...
WordPress Plugin ARI Stream Quiz Cross-Site Request Forgery Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...
PT-2024-14146 · Unknown · Ari Stream Quiz
Name of the Vulnerable Software and Affected Versions: ARI Stream Quiz versions 1.2.32 and earlier Description: A Cross-Site Request Forgery CSRF issue has been identified. This type of issue occurs when an application does not properly validate requests, allowing an attacker to trick a user into...
Cross site request forgery (csrf)
Cross-Site Request Forgery CSRF vulnerability in ARI Soft Contact Form 7 Connector.This issue affects Contact Form 7 Connector: from n/a through 1.2.2...
CVE-2024-24884
Summary: CVE-2024-24884 is a CSRF vulnerability in the ARI Soft Contact Form 7 Connector plugin for WordPress. The issue affects versions up to and including 1.2.2 and can be triggered without authentication, enabling an attacker to induce state-changing actions in a user’s session. The patchstac...
PT-2024-20640 · Unknown · Ari Soft Contact Form 7 Connector
Name of the Vulnerable Software and Affected Versions: ARI Soft Contact Form 7 Connector versions 1.2.2 and earlier Description: A Cross-Site Request Forgery CSRF issue affects the ARI Soft Contact Form 7 Connector. This type of issue allows an attacker to trick a user into performing unintended...
ARI Stream Quiz < 1.3.0 - Cross-Site Request Forgery
Description The plugin does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks...
ARI Stream Quiz < 1.3.0 - Cross-Site Request Forgery
Description The ARI Stream Quiz plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.2.32. This is due to missing or incorrect nonce validation. This makes it possible for unauthenticated attackers to perform unauthorized actions against classes and...
CVE-2023-52182
Deserialization of Untrusted Data vulnerability in ARI Soft ARI Stream Quiz – WordPress Quizzes Builder.This issue affects ARI Stream Quiz – WordPress Quizzes Builder: from n/a through 1.3.0...
CVE-2023-52182
Deserialization of Untrusted Data vulnerability in ARI Soft ARI Stream Quiz – WordPress Quizzes Builder.This issue affects ARI Stream Quiz – WordPress Quizzes Builder: from n/a through 1.3.0...
Deserialization of untrusted data
Deserialization of Untrusted Data vulnerability in ARI Soft ARI Stream Quiz – WordPress Quizzes Builder.This issue affects ARI Stream Quiz – WordPress Quizzes Builder: from n/a through 1.3.0...