CVE-2023-25021

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in FareHarbor FareHarbor for WordPress plugin = 3.6.6 versions...

EUVD-2023-29000

Malicious code in bioql PyPI...

CVE-2023-5252

The FareHarbor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via shortcodes in versions up to, and including, 3.6.7 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level...

FareHarbor < 3.6.8 - Contributor+ Stored Cross-Site Scripting

Description The plugin does not adequately sanitize input or escape output on user-supplied attributes, leading to the possibility of Stored Cross-Site Scripting via shortcodes. This issue arises when authenticated users with contributor-level or higher permissions inject arbitrary web scripts in...

CVE-2023-5252

The FareHarbor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via shortcodes in versions up to, and including, 3.6.7 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level...

CVE-2023-5252

The FareHarbor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via shortcodes in versions up to, and including, 3.6.7 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level...

Cross site scripting

The FareHarbor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via shortcodes in versions up to, and including, 3.6.7 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level...

CVE-2023-5252 FareHarbor for WordPress <= 3.6.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

The FareHarbor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via shortcodes in versions up to, and including, 3.6.7 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level...

CVE-2023-5252 FareHarbor for WordPress <= 3.6.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

The FareHarbor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via shortcodes in versions up to, and including, 3.6.7 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level...

CVE-2023-5252

CVE-2023-5252 affects FareHarbor for WordPress: Stored XSS via shortcode attributes in versions up to 3.6.7. Root cause: insufficient input sanitization and output escaping on user-supplied attributes. Impact per sources: authenticated users with contributor+ could inject scripts; CVSS ~6.4 (Medi...

WordPress Plugin FareHarbor Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

WordPress FareHarbor for WordPress Plugin <= 3.6.7 is vulnerable to Cross Site Scripting (XSS)

Software FareHarbor for WordPress Type Plugin Vulnerable versions = 3.6.7 Fixed in 3.6.8 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-5252 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 4383b2e39a1a Credits István Márton...

CVE-2023-25021

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in FareHarbor FareHarbor for WordPress plugin = 3.6.6 versions...

CVE-2023-25021

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in FareHarbor FareHarbor for WordPress plugin = 3.6.6 versions...

Cross site scripting

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in FareHarbor FareHarbor for WordPress plugin = 3.6.6 versions...

CVE-2023-25021 WordPress FareHarbor for WordPress Plugin <= 3.6.6 is vulnerable to Cross Site Scripting (XSS)

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in FareHarbor FareHarbor for WordPress plugin = 3.6.6 versions...

CVE-2023-25021

CVE-2023-25021 affects the FareHarbor FareHarbor for WordPress plugin (versions

CVE-2023-25021 WordPress FareHarbor for WordPress Plugin <= 3.6.6 is vulnerable to Cross Site Scripting (XSS)

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in FareHarbor FareHarbor for WordPress plugin = 3.6.6 versions...

Wordpress plugin FareHarbor 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

PT-2023-19872 · Fareharbor · Fareharbor For Wordpress

Name of the Vulnerable Software and Affected Versions: FareHarbor FareHarbor for WordPress plugin versions = 3.6.6 Description: The issue is related to a Stored Cross-Site Scripting XSS vulnerability that requires authentication with admin+ privileges. Recommendations: For FareHarbor FareHarbor f...