12 matches found
EUVD-2021-11325
Malware in sbrugna...
CVE-2024-10666
The Easy Twitter Feed – Twitter feeds plugin for WP plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.2.6 via the etf shortcode. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract data from...
CVE-2024-10666
The Easy Twitter Feed – Twitter feeds plugin for WP plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.2.6 via the etf shortcode. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract data from...
WordPress plugin Easy Twitter Feed 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
WordPress Easy Twitter Feed plugin <= 1.2.6 - Authenticated (Contributor+) Post Exposure vulnerability
Authenticated Contributor+ Post Exposure vulnerability discovered by Francesco Carlucci in WordPress Plugin Easy Twitter Feed versions = 1.2.6...
WordPress Easy Twitter Feed Plugin <= 1.2.6 is vulnerable to Broken Access Control
Software Easy Twitter Feed Type Plugin Vulnerable versions = 1.2.6 Fixed in N/A OWASP Top 10 A7: Identification and Authentication Failures Classification Broken Access Control CVE CVE-2024-10666 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 7120bb84b17b Credits Francesc...
CVE-2021-24413
The Easy Twitter Feed WordPress plugin before 1.2 does not sanitise or validate the parameters from its shortcode, allowing users with a role as low as contributor to set Cross-Site Scripting payload in them which will be triggered in the page/s with the embed malicious shortcode...
CVE-2021-24413
The Easy Twitter Feed WordPress plugin before 1.2 does not sanitise or validate the parameters from its shortcode, allowing users with a role as low as contributor to set Cross-Site Scripting payload in them which will be triggered in the page/s with the embed malicious shortcode...
Cross site scripting
The Easy Twitter Feed WordPress plugin before 1.2 does not sanitise or validate the parameters from its shortcode, allowing users with a role as low as contributor to set Cross-Site Scripting payload in them which will be triggered in the page/s with the embed malicious shortcode...
CVE-2021-24413
Vulnerability: CVE-2021-24413 affects the WordPress Easy Twitter Feed plugin (versions
WordPress 插件跨站脚本漏洞
WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress Plugin is an open source application plugin for WordPress. A cross-site scripting vulnerability exists i...
WordPress Easy Twitter Feed plugin <= 1.1 - Stored Cross-Site Scripting (XSS) vulnerability
Stored Cross-Site Scripting XSS vulnerability discovered by Michał Lipiński in WordPress Easy Twitter Feed plugin versions = 1.1. Solution Update the WordPress Easy Twitter Feed plugin to the latest available version at least 1.2...