23 matches found
CVE-2023-49743
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Jeff Starr Dashboard Widgets Suite allows Stored XSS.This issue affects Dashboard Widgets Suite: from n/a through 3.4.1...
EUVD-2023-53666
Malicious code in bioql PyPI...
EUVD-2023-30314
Malicious code in bioql PyPI...
CVE-2024-0979
The Dashboard Widgets Suite plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'tab' parameter in all versions up to, and including, 3.4.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary...
WordPress Dashboard Widgets Suite plugin <= 3.4.3 - Reflected Cross-Site Scripting vulnerability
Reflected Cross-Site Scripting vulnerability discovered by Krzysztof Zając in WordPress Plugin Dashboard Widgets Suite versions = 3.4.3...
CVE-2024-0979
The Dashboard Widgets Suite plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'tab' parameter in all versions up to, and including, 3.4.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary...
CVE-2024-0979
CVE-2024-0979 affects the WordPress plugin Dashboard Widgets Suite. The vulnerability is a Reflected Cross‑Site Scripting (XSS) via the tab parameter in all versions up to and including 3.4.3, caused by insufficient input sanitization and output escaping. It permits unauthenticated attackers to i...
WordPress Dashboard Widgets Suite Plugin <= 3.4.3 is vulnerable to Cross Site Scripting (XSS)
Software Dashboard Widgets Suite Type Plugin Vulnerable versions = 3.4.3 Fixed in 3.4.4 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-0979 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID ec515656a329 Credits Krzysztof...
WordPress plugin Dashboard Widgets Suite security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...
CVE-2023-49743
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Jeff Starr Dashboard Widgets Suite allows Stored XSS.This issue affects Dashboard Widgets Suite: from n/a through 3.4.1...
CVE-2023-49743
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Jeff Starr Dashboard Widgets Suite allows Stored XSS.This issue affects Dashboard Widgets Suite: from n/a through 3.4.1...
Cross site scripting
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Jeff Starr Dashboard Widgets Suite allows Stored XSS.This issue affects Dashboard Widgets Suite: from n/a through 3.4.1...
CVE-2023-49743
The CVE-2023-49743 entry concerns the WordPress Dashboard Widgets Suite plugin. A stored XSS vulnerability exists due to improper input sanitization/output escaping, affecting Dashboard Widgets Suite versions up to 3.4.1 (including multi-site/administrator contexts). Red Hat and CVE lists mirror ...
Dashboard Widgets Suite < 3.4.2 - Authenticated (Administrator+) Stored Cross-Site Scripting
Description The Dashboard Widgets Suite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 3.4.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
WordPress Dashboard Widgets Suite Plugin <= 3.4.1 is vulnerable to Cross Site Scripting (XSS)
Software Dashboard Widgets Suite Type Plugin Vulnerable versions = 3.4.1 Fixed in 3.4.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-49743 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID c6ab0c656b0c Credits Rachit Arora Required privileg...
CVE-2023-26517
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Jeff Starr Dashboard Widgets Suite plugin = 3.2.1 versions...
CVE-2023-26517
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Jeff Starr Dashboard Widgets Suite plugin = 3.2.1 versions...
CVE-2023-26517 WordPress Dashboard Widgets Suite Plugin <= 3.2.1 is vulnerable to Cross Site Scripting (XSS)
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Jeff Starr Dashboard Widgets Suite plugin = 3.2.1 versions...
CVE-2023-26517 WordPress Dashboard Widgets Suite Plugin <= 3.2.1 is vulnerable to Cross Site Scripting (XSS)
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Jeff Starr Dashboard Widgets Suite plugin = 3.2.1 versions...
WordPress plugin Dashboard Widgets Suite 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerability...