
2124 matches found

Veracode
added 2024/06/11 6:43 a.m. · 13 views

Cross Site Scripting (XSS)

sulu/form-bundle is vulnerable to Cross Site Scripting (XSS). The vulnerability is due to the TokenController improperly sanitizing the formName parameter, which is returned in the input field...

CVSS 6.1 · AI score 6.3 · EPSS 0.00292
Exploits 0 · References 3 · Affected Software 1
NVD
added 2024/06/11 3:15 a.m. · 20 views

CVE-2024-5090

The SiteOrigin Widgets Bundle plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's SiteOrigin Blog Widget in all versions up to, and including, 1.61.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

CVSS 6.4 · EPSS 0.00298
Exploits 0 · References 2
Vulnrichment
added 2024/06/11 2:01 a.m. · 11 views

CVE-2024-5090 SiteOrigin Widgets Bundle <= 1.61.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via SiteOrigin Blog Widget

The SiteOrigin Widgets Bundle plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's SiteOrigin Blog Widget in all versions up to, and including, 1.61.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

CVSS 6.4 · AI score 5.9 · EPSS 0.00298
Exploits 0 · References 2
Cvelist
added 2024/06/11 2:01 a.m. · 18 views

CVE-2024-5090 SiteOrigin Widgets Bundle <= 1.61.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via SiteOrigin Blog Widget

The SiteOrigin Widgets Bundle plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's SiteOrigin Blog Widget in all versions up to, and including, 1.61.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

CVSS 6.4 · EPSS 0.00298
Exploits 0 · References 2
CNNVD
added 2024/06/11 12:00 a.m. · 2 views

WordPress plugin SiteOrigin Widgets Bundle security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability...

CVSS 6.4 · AI score 5.8 · EPSS 0.00298
Exploits 0 · References 4
Patchstack
added 2024/06/10 1:12 p.m. · 2 views

WordPress SiteOrigin Widgets Bundle plugin <= 1.61.1 - Authenticated Stored Cross-Site Scripting vulnerability

Authenticated Stored Cross-Site Scripting vulnerability discovered by Ngô Thiên An (ancorn) in WordPress Plugin SiteOrigin Widgets Bundle versions <= 1.61.1...

CVSS 6.4 · AI score 5.7 · EPSS 0.00298
Exploits 0 · References 1 · Affected Software 1
Patchstack
added 2024/06/10 12:00 a.m. · 9 views

WordPress SiteOrigin Widgets Bundle Plugin <= 1.61.1 is vulnerable to Cross Site Scripting (XSS)

Software: SiteOrigin Widgets Bundle · Type: Plugin · Vulnerable versions: <= 1.61.1 · Fixed in: 1.62.0 · OWASP Top 10: A7 Cross-Site Scripting (XSS) · Classification: Cross Site Scripting (XSS) · CVE: CVE-2024-5090 · Patch priority: Low · CVSS severity: Low (6.5) · Developer: Claim ownership · PSID: e67670e2ff92 · Credits: Ngô Thiên An...

CVSS 6.4 · AI score 5.8 · EPSS 0.00298
Exploits 0 · References 3 · Affected Software 1
Github Security Blog
added 2024/06/07 10:20 p.m. · 14 views

willdurand/js-translation-bundle potential path traversal attack and remote code injection

A path traversal vulnerability and a JavaScript code injection vulnerability were identified in willdurand/js-translation-bundle versions prior to 2.1.1...

AI score 7.7
Exploits 0 · References 5 · Affected Software 1
WPVulnDB
added 2024/05/31 12:00 a.m. · 8 views

Widget Bundle <= 2.0.0 - Widget Disable/Enable via CSRF

Description: The plugin does not have CSRF checks when logging Widgets, which could allow attackers to make a logged-in admin enable/disable widgets via a CSRF attack. PoC: This PoC disables the User Registration widget. To do so, make a logged-in admin open an HTML file containing:...

AI score 6.2 · EPSS 0.00199
Exploits 2
WPVulnDB
added 2024/05/31 12:00 a.m. · 9 views

Widget Bundle <= 2.0.0 - Unauthenticated Reflected XSS

Description: The plugin does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against only unauthenticated users. PoC: On a site with the User Login/Registration widget active, have an unauthenticated user send...

AI score 6 · EPSS 0.00408
Exploits 2
wpexploit
added 2024/05/31 12:00 a.m. · 128 views

Widget Bundle <= 2.0.0 - Widget Disable/Enable via CSRF

Description: The plugin does not have CSRF checks when logging Widgets, which could allow attackers to make a logged-in admin enable/disable widgets via a CSRF attack. This PoC disables the User Registration widget. To do so, make a logged-in admin open an HTML file containing:...

AI score 6.6 · EPSS 0.00199
Exploits 2
wpexploit
added 2024/05/31 12:00 a.m. · 162 views

Widget Bundle <= 2.0.0 - Unauthenticated Reflected XSS

Description: The plugin does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against only unauthenticated users. On a site with the User Login/Registration widget active, have an unauthenticated user send a...

AI score 6.2 · EPSS 0.00408
Exploits 2
WPVulnDB
added 2024/05/31 12:00 a.m. · 16 views

Widget Bundle <= 2.0.0 - Admin+ Stored XSS

Description: The plugin does not sanitise and escape some of its settings, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in a multisite setup). PoC: 1. Enable the "Text Form" widget...

AI score 5.4 · EPSS 0.00356
Exploits 2
wpexploit
added 2024/05/31 12:00 a.m. · 149 views

Widget Bundle <= 2.0.0 - Admin+ Stored XSS

Description: The plugin does not sanitise and escape some of its settings, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in a multisite setup). 1. Enable the "Text Form" widget 2. Ad...

AI score 5.6 · EPSS 0.00356
Exploits 2
Veracode
added 2024/05/30 6:05 a.m. · 7 views

Cross-site Request Forgery (CSRF)

sylius/resource-bundle is vulnerable to Cross-Site Request Forgery. The vulnerability is due to the absence of proper validation and insufficient CSRF protection for actions such as marking order payments or product reviews in the AdminBundle and ResourceBundle. This allows attackers to perfo...

AI score 7
Exploits 0
Veracode
added 2024/05/30 6:04 a.m. · 9 views

Cross-site Request Forgery (CSRF)

sylius/admin-bundle is vulnerable to Cross-Site Request Forgery (CSRF). The vulnerability is due to the absence of a CSRF token requirement in several administrative actions, such as marking order payments as completed or refunded, and marking product reviews as accepted or rejected. These flaws...

AI score 7.1
Exploits 0
Positive Technologies
added 2024/05/30 12:00 a.m. · 2 views

PT-2024-10554 · Symfony · Symfony Frameworkbundle

Name of the Vulnerable Software and Affected Versions: Symfony FrameworkBundle (affected versions not specified). Description: A code injection issue was found in the way Symfony implements translation caching in FrameworkBundle. The issue arises when using the Symfony translation system and not...

CVSS 7.5 · AI score 7.7 · EPSS 0.0078
Exploits 0 · References 5
OSV
added 2024/05/28 3:47 p.m. · 21 views

GHSA-7R3J-QMR4-JFPJ Kaminari Insecure File Permissions Vulnerability

A moderate-severity security vulnerability has been identified in the Kaminari pagination library for Ruby on Rails, concerning insecure file permissions. This advisory outlines the vulnerability and affected versions, and provides guidance for mitigation. Impact: This vulnerability is of moderate...

CVSS 6.6 · AI score 6.5 · EPSS 0.006
Exploits 0 · References 4
SUSE CVE
added 2024/05/28 3:29 p.m. · 2 views

SUSE CVE-2021-47539

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix rxrpc_peer leak in rxrpc_look_up_bundle. Need to call rxrpc_put_peer for the bundle candidate before kfree, as it holds a ref to rxrpc_peer. DH: v2: Changed to abstract out the bundle freeing code into a function...

CVSS 3.3 · AI score 6.2 · EPSS 0.00222
Exploits 0 · References 6
RedhatCVE
added 2024/05/27 10:32 a.m. · 20 views

CVE-2021-47539

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix rxrpc_peer leak in rxrpc_look_up_bundle. Need to call rxrpc_put_peer for the bundle candidate before kfree, as it holds a ref to rxrpc_peer. DH: v2: Changed to abstract out the bundle freeing code into a function...

CVSS 3.3 · AI score 6.7 · EPSS 0.00222
Exploits 0 · References 4