Microsoft Windows Shell 资源管理错误漏洞

The Microsoft Windows Shell is the graphical user interface for the Windows operating system from Microsoft.The easily recognizable elements of the Windows shell include features such as the desktop, the taskbar, the start menu, the task switcher, and autoplay. An elevation of privilege...

Microsoft Windows Shell 安全漏洞

The Microsoft Windows Shell is the graphical user interface for the Windows operating system from Microsoft.The easily recognizable elements of the Windows shell include features such as the desktop, the taskbar, the start menu, the task switcher, and autoplay. A security feature bypass...

Malicious code in surya-donat3-sukiwir (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 45e6f80c8e9d99fa84bbbe8d24dbab9249a4335f353bd6fe8cc32cdc1abc4699 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2019-17824

Malware in sbrugna...

CVE-2023-0153

The Vimeo Video Autoplay Automute WordPress plugin through 1.0 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting...

CVE-2019-8434

In CmsEasy 7.0, there is XSS via the ckplayer.php autoplay parameter...

U.S. Dept Of Defense: Cross-Site Scripting via 'autoPlay' parameter

A Cross-Site Scripting XSS vulnerability was discovered on a website through the 'autoPlay' parameter in the GET method. Exploitation of this vulnerability allowed the injection of malicious scripts that could be executed. A proof-of-concept was provided demonstrating an alert pop-up...

How to Image a Target Device Using the Imaging Wizard

This article describes how to image target device using the Imaging Wizard. Prerequisites Enable Windows Automount on Windows Enterprise Server operating systems. Disable Windows Autoplay. Remove any virtualization software before performing a conversion. Verify adequate free space exists on the...

WordPress Automatic plugin <= 3.94.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via autoplay Parameter vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via autoplay Parameter vulnerability discovered by haidv35 in WordPress Plugin Automatic versions = 3.94.0...

PT-2024-33126 · WordPress · Wordpress Automatic Plugin

Name of the Vulnerable Software and Affected Versions: WordPress Automatic Plugin plugin for WordPress versions up to, and including, 3.94.0 Description: The issue is related to Stored Cross-Site Scripting via the autoplay parameter due to insufficient input sanitization and output escaping. This...

CVE-2023-0153

The Vimeo Video Autoplay Automute WordPress plugin through 1.0 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting...

Cross site scripting

The Vimeo Video Autoplay Automute WordPress plugin through 1.0 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting...

CVE-2023-0153

The CVE-2023-0153 issue affects the WordPress plugin Vimeo Video Autoplay Automute (

CVE-2023-0153 Vimeo Video Autoplay Automute <= 1.0 - Contributor+ Stored XSS

The Vimeo Video Autoplay Automute WordPress plugin through 1.0 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting...

CVE-2023-0153 Vimeo Video Autoplay Automute <= 1.0 - Contributor+ Stored XSS

The Vimeo Video Autoplay Automute WordPress plugin through 1.0 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting...

WordPress Plugin Vimeo Video Autoplay Automute 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerability...

Vimeo Video Autoplay Automute <= 1.0 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. vimeo clipid="1" color="'...

Vimeo Video Autoplay Automute <= 1.0 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. PoC vimeo clipid="1" color="'...

WordPress Vimeo Video Autoplay Automute Plugin <= 1.0 is vulnerable to Cross Site Scripting (XSS)

Software Vimeo Video Autoplay Automute Type Plugin Vulnerable versions = 1.0 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-0153 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 6b9ac437c259 Credits István...

OPENSUSE-SU-2022:10239-1 Security update for opera

This update for opera fixes the following issues: Update to 93.0.4585.37 - DNA-102885 Turn on sidebar-autohide on all streams - DNA-103020 Turn on start-page-redesign on developer - DNA-103042 Fix import from Firefox - DNA-103222 Speed Dial Suggestions All opera.com subpages suggestions lead to t...