CVE-2024-9860

The Bridge Core plugin for WordPress is vulnerable to unauthorized modification of data or loss of data due to a missing capability check on the 'importaction' and 'installpluginperdemo' functions in versions up to, and including, 3.3. This makes it possible for authenticated attackers with...

CVE-2024-9292

The Bridge Core plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'formforall' shortcode in versions up to, and including, 3.2.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with...

WordPress plugin Bridge Core 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

CVE-2024-9292

The Bridge Core plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'formforall' shortcode in versions up to, and including, 3.2.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with...

CVE-2024-9292

CVE-2024-9292 : Bridge Core WordPress plugin vulnerable to stored XSS via the shortcodes formforall (versions ≤ 3.2.0). Root cause is insufficient input sanitization and output escaping on user-supplied attributes, enabling authenticated attackers with contributor-level permissions to inject scri...

Cross site scripting

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Qode Interactive Bridge Core plugin = 3.0.9 versions...

CVE-2023-40333 WordPress Bridge Core Plugin <= 3.0.9 is vulnerable to Cross Site Scripting (XSS)

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Qode Interactive Bridge Core plugin = 3.0.9 versions...

CVE-2023-40333

CVE-2023-40333 refers to unauthenticated, reflected XSS in the WordPress Bridge Core plugin ( 3.0.9 (i.e., 3.1.0 or later). NVD lists a base score around 6.1 (Medium) with network attack vector and user interaction required. Patchstack also notes the fix in 3.1.0 and labels the vulnerability as X...

PT-2023-27392 · Qode Interactive · Qode Interactive Bridge Core Plugin

Name of the Vulnerable Software and Affected Versions: Qode Interactive Bridge Core plugin versions = 3.0.9 Description: The issue is related to an Unauth. Reflected Cross-Site Scripting XSS vulnerability. This vulnerability allows for the execution of malicious scripts on a user's browser,...

WordPress plugin bridge-core cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...