Lucene search
K

424 matches found

Positive Technologies
Positive Technologies
added 2023/11/22 12:0 a.m.4 views

PT-2023-32124 · WordPress · Drop Shadow Boxes

Name of the Vulnerable Software and Affected Versions: Drop Shadow Boxes plugin for WordPress versions up to, and including, 1.7.13 Description: The issue arises from insufficient input sanitization and output escaping on user-supplied attributes in the dropshadowbox shortcode. This allows...

6.4CVSS6.2AI score0.00544EPSS
Exploits0References6
CNNVD
CNNVD
added 2023/11/22 12:0 a.m.3 views

WordPress Plugin Drop Shadow Boxes Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

6.4CVSS6AI score0.00544EPSS
Exploits0References4
Patchstack
Patchstack
added 2023/11/20 12:0 a.m.10 views

WordPress Drop Shadow Boxes Plugin <= 1.7.13 is vulnerable to Cross Site Scripting (XSS)

Software Drop Shadow Boxes Type Plugin Vulnerable versions = 1.7.13 Fixed in 1.7.14 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-5469 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID fdec3ba1fce0 Credits István Márton Requir...

6.4CVSS5.7AI score0.00544EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2023/10/24 12:0 a.m.2 views

Mozilla Firefox Security Vulnerability

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security vulnerability exists in Mozilla Firefox version 119, which originates from an insufficient activation delay, and may allow users to inadvertently activate or eliminate certain browser prompt...

4.3CVSS6.4AI score0.00781EPSS
Exploits0References17
OpenVAS
OpenVAS
added 2023/10/09 12:0 a.m.7 views

Debian: Security Advisory (DLA-3607-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2023/10/08 12:0 a.m.27 views

Debian dla-3607 : gnome-boxes - security update

The remote Debian 10 host has a package installed that is affected by a vulnerability as referenced in the dla-3607 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3607-1 [email protected] https://www.debian.org/lts/security/...

5.5AI score
Exploits0References2
OSV
OSV
added 2023/10/07 12:0 a.m.14 views

DLA-3607-1 gnome-boxes - security update

Bulletin has no description...

7.2AI score
Exploits0
CNNVD
CNNVD
added 2023/09/25 12:0 a.m.5 views

Pimcore Cross-Site Scripting Vulnerability

Pimcore is Austria Pimcore company's set of open source for creating and managing Web applications Web content management platform. The platform integrates Web content management , e-commerce framework and product information management applications. A cross-site scripting vulnerability exists in...

5.4CVSS5.9AI score0.00326EPSS
Exploits0References3
Openbugbounty
Openbugbounty
added 2023/08/24 10:25 p.m.16 views

singaporeboxes.com Cross Site Scripting vulnerability OBB-3615881

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.1AI score
Exploits0
Microsoft KB
Microsoft KB
added 2023/07/27 12:0 a.m.8 views

July 27, 2023, update for Office 2016 (KB5002307)

July 27, 2023, update for Office 2016 KB5002307 This article describes update 5002307 for Microsoft Office 2016 that was released on July 27, 2023.Be aware that the update in the Microsoft Download Center applies to the Microsoft Installer .msi-based edition of Office 2016. It doesn't apply to th...

6.3AI score
Exploits0
OSV
OSV
added 2023/07/25 1:15 p.m.4 views

CVE-2023-23833

Auth. contributor+ Cross-Site Scripting XSS vulnerability in Steven Henty Drop Shadow Boxes plugin = 1.7.10 versions...

5.4CVSS5.8AI score0.00337EPSS
Exploits0References1
NVD
NVD
added 2023/07/25 1:15 p.m.29 views

CVE-2023-23833

Auth. contributor+ Cross-Site Scripting XSS vulnerability in Steven Henty Drop Shadow Boxes plugin = 1.7.10 versions...

6.5CVSS6AI score0.00337EPSS
Exploits0References1
Prion
Prion
added 2023/07/25 1:15 p.m.17 views

Cross site scripting

Auth. contributor+ Cross-Site Scripting XSS vulnerability in Steven Henty Drop Shadow Boxes plugin = 1.7.10 versions...

4.9CVSS5.3AI score0.00337EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/07/25 12:53 p.m.30 views

CVE-2023-23833 WordPress Drop Shadow Boxes Plugin <= 1.7.10 is vulnerable to Cross Site Scripting (XSS)

Auth. contributor+ Cross-Site Scripting XSS vulnerability in Steven Henty Drop Shadow Boxes plugin = 1.7.10 versions...

6.5CVSS6.2AI score0.00337EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/07/25 12:53 p.m.15 views

CVE-2023-23833 WordPress Drop Shadow Boxes Plugin <= 1.7.10 is vulnerable to Cross Site Scripting (XSS)

Auth. contributor+ Cross-Site Scripting XSS vulnerability in Steven Henty Drop Shadow Boxes plugin = 1.7.10 versions...

6.5CVSS5.9AI score0.00337EPSS
Exploits0References1
CVE
CVE
added 2023/07/25 12:53 p.m.50 views

CVE-2023-23833

CVE-2023-23833 describes an authenticated Cross-Site Scripting (XSS) vulnerability in the WordPress Drop Shadow Boxes plugin, affecting versions ≤ 1.7.10. The issue stems from improper escaping of input parameters, enabling a contributor-or-higher user to inject scripts into a site. Reported impa...

6.5CVSS5.6AI score0.00337EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2023/07/25 12:0 a.m.3 views

WordPress Plugin Drop Shadow Boxes 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

6.5CVSS5.4AI score0.00337EPSS
Exploits0References2
Patchstack
Patchstack
added 2023/07/18 12:0 a.m.5 views

WordPress Drop Shadow Boxes Plugin < 1.7.12 is vulnerable to Cross Site Scripting (XSS)

Software Drop Shadow Boxes Type Plugin Vulnerable versions 1.7.12 Fixed in 1.7.12 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 8cdb65eb9ed4 Credits Rafie Muhammad Patchstack...

6.8AI score0.00284EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2023/07/17 12:0 a.m.16 views

CVE-2023-37770

faust commit ee39a19 was discovered to contain a stack overflow via the component boxppShared::print at /boxes/ppbox.cpp...

7.7AI score0.00272EPSS
Exploits1References1
Debian CVE
Debian CVE
added 2023/07/17 12:0 a.m.15 views

CVE-2023-37770

faust commit ee39a19 was discovered to contain a stack overflow via the component boxppShared::print at /boxes/ppbox.cpp...

5.5CVSS5.6AI score0.00272EPSS
Exploits1
Rows per page
Query Builder