98 matches found
WordPress Top Bar Plugin <= 3.0.5 is vulnerable to Cross Site Scripting (XSS)
Software Top Bar Type Plugin Vulnerable versions = 3.0.5 Fixed in 3.0.6 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-31928 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 1fe06e1756b5 Credits Joel Indra Required privilege Administrator...
PT-2024-18207 · WordPress · Top Bar Wordpress Plugin
Name of the Vulnerable Software and Affected Versions: Top Bar WordPress plugin versions prior to 3.0.5 Description: The issue allows high privilege users, such as admins, to perform Stored Cross-Site Scripting attacks, even when the unfiltered html capability is disallowed, for example, in...
CVE-2023-7048 My Sticky Bar <= 2.6.6 - Cross-Site Request Forgery to Sensitive Information Exposure
The My Sticky Bar plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.6.6. This is due to missing or incorrect nonce validation in mystickymenu-contact-leads.php. This makes it possible for unauthenticated attackers to trigger the export of a C...
WordPress My Sticky Bar Plugin <= 2.6.6 is vulnerable to Cross Site Request Forgery (CSRF)
Software My Sticky Bar Type Plugin Vulnerable versions = 2.6.6 Fixed in 2.6.7 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-7048 Patch priority Low CVSS severity Low 3.1 Developer Claim ownership PSID 50c4e2183073 Credits Ulyses Saicha Required...
CVE-2023-49836 WordPress Cookie Bar Plugin <= 2.0 is vulnerable to Cross Site Scripting (XSS)
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Brontobytes Cookie Bar allows Stored XSS.This issue affects Cookie Bar: from n/a through 2.0...
CVE-2023-47184
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Proper Fraction LLC. Admin Bar & Dashboard Access Control plugin = 1.2.8 versions...
CVE-2023-41847
Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in WEN Solutions Notice Bar plugin = 3.1.0 versions...
CVE-2023-41847
Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in WEN Solutions Notice Bar plugin = 3.1.0 versions...
CVE-2023-41847 WordPress Notice Bar Plugin <= 3.1.0 is vulnerable to Cross Site Scripting (XSS)
Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in WEN Solutions Notice Bar plugin = 3.1.0 versions...
CVE-2023-41847
CVE-2023-41847 affects the WordPress plugin Notice Bar (WEN Solutions) with versions
PT-2023-28077 · Wpgens · Swifty Bar
Name of the Vulnerable Software and Affected Versions: Swifty Bar, sticky bar by WPGens plugin versions = 1.2.10 Description: The issue is related to a Stored Cross-Site Scripting XSS vulnerability that affects users with admin+ authentication. This allows for malicious scripts to be stored on th...
WordPress Circle Progress 1.0 Cross Site Scripting
Exploit Title: WordPress Plugin Circle progress bar – Cross site scripting-Stored Date: 2-06-2023 Exploit Author: Taliya Bilal- NightHawk Vendor Homepage: https://wordpress.org/plugins/circle-progress-bar/ Version: 1.0 Tested on: Firefox Contact me: [email protected] Steps to reproduce: 1...
CVE-2023-23699
Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Chris Reynolds Progress Bar plugin = 2.2.1 versions...
WordPress plugin Progress Bar 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site scripting vulnerability exists in the...
CVE-2023-23894
CVE-2023-23894 pertains to a Stored XSS in the Surbma GDPR Proof Cookie Consent & Notice Bar plugin for WordPress (versions
CVE-2023-23994
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Marcel Bootsman Auto Hide Admin Bar plugin = 1.6.1 versions...
CVE-2023-23994
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Marcel Bootsman Auto Hide Admin Bar plugin = 1.6.1 versions...
Cross site scripting
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Marcel Bootsman Auto Hide Admin Bar plugin = 1.6.1 versions...
CVE-2023-23994 WordPress Auto Hide Admin Bar Plugin <= 1.6.1 is vulnerable to Cross Site Scripting (XSS)
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Marcel Bootsman Auto Hide Admin Bar plugin = 1.6.1 versions...
CVE-2013-10021
A vulnerability was found in dd32 Debug Bar Plugin up to 0.8 on WordPress. It has been declared as problematic. Affected by this vulnerability is the function render of the file panels/class-debug-bar-queries.php. The manipulation leads to cross site scripting. The attack can be launched remotely...