WordPress Floating Awesome Button plugin <= 1.5.12 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress Floating Awesome Button plugin versions = 1.5.12. Solution Update the WordPress Floating Awesome Button plugin to the latest available version at least 1.5.14...

WordPress WordPress Easy Call Now Button by elixirs.io plugin <= 1.0.5 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress WordPress Easy Call Now Button by elixirs.io plugin versions = 1.0.5. Solution No patched version available...

WordPress Remove Add to Cart Button for WooCommerce plugin <= 1.0.2 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress Remove Add to Cart Button for WooCommerce plugin versions = 1.0.2. Solution Update the WordPress Remove Add to Cart Button for WooCommerce plugin to the latest available version at least 1.0.3...

WordPress Chat Button- Leads and Order over Chat plugin <= 1.6.0 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress Chat Button- Leads and Order over Chat plugin versions = 1.6.0. Solution Update the WordPress Chat Button- Leads and Order over Chat plugin to the latest available version at least 1.6.1...

WordPress Floating Awesome Button plugin <= 1.5.12 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress Floating Awesome Button plugin versions = 1.5.12. Solution Update the Floating Awesome Button plugin to the latest available version at least 1.5.14...

WordPress Chat Button- Leads and Order over Chat plugin <= 1.6.0 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress Chat Button- Leads and Order over Chat plugin versions = 1.6.0. Solution Update the WordPress Chat Button- Leads and Order over Chat plugin to the latest available version at least 1.6.1...

WordPress Plugin Buffer Button Cross-Site Scripting Vulnerability

WordPress is a set of blogging platforms developed using the PHP language by the Wordpress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in the WordPress plugin Buffer Button prior to version 1.0, which...

CVE-2021-25058

The Buffer Button WordPress plugin through 1.0 was vulnerable to Authenticated Stored Cross Site Scripting XSS within the Twitter username to mention text field...

Cross site scripting

The Buffer Button WordPress plugin through 1.0 was vulnerable to Authenticated Stored Cross Site Scripting XSS within the Twitter username to mention text field...

CVE-2021-25058 The Buffer Button <= 1.0 - Authenticated Stored Cross Site Scripting (XSS)

The Buffer Button WordPress plugin through 1.0 was vulnerable to Authenticated Stored Cross Site Scripting XSS within the Twitter username to mention text field...

CVE-2021-25058

The CVE-2021-25058 entry corresponds to the WordPress plugin Buffer Button (versions

WordPress plugin Buffer Button 跨站脚本漏洞

WordPress is a set of blogging platforms developed using the PHP language by the Wordpress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in the WordPress plugin Buffer Button prior to version 1.0, which...

XpressEngine 跨站脚本漏洞

XpressEngine XE is a CMS Content Management System that allows anyone to publish content easily, conveniently and freely. With an open source license, anyone can use or modify it, and as an open project, anyone can participate in its development. XE suffers from a security vulnerability that stem...

admin-tool-button (>=1.0.1a0 <=1.0.5a0), apis-ampel (=0.1.0) +57 more potentially affected by CVE-2022-22818 via django (>=3.2.0 <=3.2.11)

django PYPI version =3.2.0, =1.0.1a0, =0.2.0, =22.0.0.dev21, =22.0.0.dev13, =22.0.0.dev29, =0.0.1, =0.0.14 - django-blocklist =1.0.0 - django-brazilian-zipcode =0.1.0 - django-cachalot =2.4.0 and more Source cves: CVE-2022-22818 Source advisory: OSV:PYSEC-2022-19...

CVE-2021-23236

Requests may be used to interrupt the normal operation of the device. When exploited, Fresenius Kabi Agilia Link+ version 3.0 must be rebooted via a hard reset triggered by pressing a button on the rack system...

Hardcoded credentials

Requests may be used to interrupt the normal operation of the device. When exploited, Fresenius Kabi Agilia Link+ version 3.0 must be rebooted via a hard reset triggered by pressing a button on the rack system...

The Buffer Button <= 1.0 - Authenticated Stored Cross Site Scripting (XSS)

The plugin was vulnerable to Authenticated Stored Cross Site Scripting XSS within the Twitter username to mention text field. 1. Insert below payload in the Twitter username to mention text field "alert44 2. Click on Save Changes...

WordPress The Buffer Button plugin <= 1.0 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Rutuja D Shirke in WordPress The Buffer Button plugin versions = 1.0. Solution Deactivate and delete. This plugin has been closed as of January 3, 2022 and is not available for download. This closure is temporary, pending a...

The Buffer Button <= 1.0 - Authenticated Stored Cross Site Scripting (XSS)

The plugin was vulnerable to Authenticated Stored Cross Site Scripting XSS within the Twitter username to mention text field. PoC 1. Insert below payload in the Twitter username to mention text field " 2. Click on Save Changes...

admin-tool-button (>=1.0.1a0 <=1.0.5a0), apis-ampel (=0.1.0) +51 more potentially affected by CVE-2021-45116 via django (>=3.2.0 <=3.2.10)

django PYPI version =3.2.0, =1.0.1a0, =0.2.0, =22.0.0.dev21, =22.0.0.dev13, =22.0.0.dev29, =22.0.0.dev30 - autoreduce-utils =0.1.0 - common-framework =2021.4.1 - directory-validators =9.0.0 - django-admin-taggit-ui =0.1.0.dev0 - django-blocklist =1.0.0 - django-brazilian-zipcode =0.1.0 -...