GHSA-56JV-4WW3-65MW Liferay Portal is vulnerable to XSS in the Blogs widget

Cross-site scripting XSS vulnerability in the Blogs widget in Liferay Portal 7.4.0 through 7.4.3.111, and older unsupported versions, and Liferay DXP 2023.Q4.0 through 2023.Q4.10, 2023.Q3.1 through 2023.Q3.8, 7.4 GA through update 92, 7.3 GA through update 36, and older unsupported versions allow...

CVE-2024-12043

The Prime Slider – Addons For Elementor Revolution of a slider, Hero Slider, Post Slider and Ecommerce Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'sociallinktitle' parameter of the 'blog' widget in all versions up to, and including, 3.16.5 due to insufficient...

PT-2025-1734 · WordPress · The Prime Slider – Addons For Elementor

Name of the Vulnerable Software and Affected Versions: Prime Slider – Addons For Elementor plugin for WordPress versions up to, and including, 3.16.5 Description: The issue concerns a Stored Cross-Site Scripting vulnerability. It is caused by insufficient input sanitization and output escaping,...

WordPress plugin Prime Slider 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site...

CVE-2024-8442

The Prime Slider – Addons For Elementor Revolution of a slider, Hero Slider, Ecommerce Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Blog widget in all versions up to, and including, 3.15.18 due to insufficient input sanitization and output escaping on...

WordPress Prime Slider - Addons For Elementor plugin <= 3.15.18 - Authenticated (Contributor+) Stored Cross-Site Scripting via Blog Widget vulnerability

WordPress Prime Slider - Addons For Elementor plugin = 3.15.18 - Authenticated Contributor+ Stored Cross-Site Scripting via Blog Widget vulnerability discovered by Robert DeVore in WordPress Plugin Prime Slider – Addons For Elementor versions = 3.15.18...

WordPress Blog Sidebar Widget Plugin <= 1.0.6 is vulnerable to Cross Site Scripting (XSS)

Software Blog Sidebar Widget Type Plugin Vulnerable versions = 1.0.6 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 7ae8bbf8a06a Credits Rafie Muhammad Patchstack...