Project Worlds Online Lawyer Management System 安全漏洞

Project Worlds Online Lawyer Management System is an online lawyer management system from Project Worlds, Inc. A security vulnerability exists in Project Worlds Online Lawyer Management System version 1.0, which stems from an incorrect operation of the parameter blockid/unblockid that can lead to...

PT-2024-30609 · WordPress · The Spectra – Wordpress Gutenberg Blocks

Name of the Vulnerable Software and Affected Versions: The Spectra – WordPress Gutenberg Blocks plugin versions up to, and including, 2.13.0 Description: The issue is related to Stored Cross-Site Scripting via the block id parameter due to insufficient input sanitization and output escaping. This...

CVE-2021-24304

The Newsmag WordPress theme before 5.0 does not sanitise the tdblockid parameter in its tdajaxblock AJAX action, leading to an unauthenticated Reflected Cross-site Scripting XSS vulnerability...

CVE-2021-3135

An issue was discovered in the tagDiv Newspaper theme 10.3.9.1 for WordPress. It allows XSS via the wp-admin/admin-ajax.php tdblockid parameter in a tdajaxblock API call...