EUVD-2024-33744

Malicious code in bioql PyPI...

CVE-2024-11119

The BNE Gallery Extended plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'gallery' shortcode in all versions up to, and including, 1.2.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

CVE-2024-11119

The BNE Gallery Extended plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'gallery' shortcode in all versions up to, and including, 1.2.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

CVE-2024-11119

CVE-2024-11119 affects BNE Gallery Extended for WordPress. It is a Stored XSS via the gallery shortcode in all versions ≤ 1.2.1 due to inadequate input sanitization and output escaping. An authenticated attacker with contributor-level access can inject scripts that execute for page visitors. Seve...

CVE-2024-11119 BNE Gallery Extended <= 1.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via gallery Shortcode

The BNE Gallery Extended plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'gallery' shortcode in all versions up to, and including, 1.2.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

WordPress plugin BNE Gallery Extended 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

PT-2024-16772 · WordPress · Bne Gallery Extended

Name of the Vulnerable Software and Affected Versions: BNE Gallery Extended plugin for WordPress versions up to, and including, 1.2.1 Description: The issue is related to Stored Cross-Site Scripting via the plugin's 'gallery' shortcode due to insufficient input sanitization and output escaping on...

WordPress BNE Gallery Extended plugin <= 1.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via gallery Shortcode vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via gallery Shortcode vulnerability discovered by Peter Thaleikis in WordPress Plugin BNE Gallery Extended versions = 1.2.1...

WordPress BNE Gallery Extended Plugin <= 1.2.1 is vulnerable to Cross Site Scripting (XSS)

Software BNE Gallery Extended Type Plugin Vulnerable versions = 1.2.1 Fixed in 1.2.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-11119 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 2f5f789e47b8 Credits Peter Thaleikis...