CVE-2013-7476

The simple-fields plugin before 1.2 for WordPress has CSRF in the admin interface...

CVE-2013-7476

The connected advisories confirm a CSRF vulnerability in the WordPress Simple Fields plugin prior to version 1.2, affecting the admin interface. Root cause: CSRF in admin actions could allow unauthorized requests when an authenticated admin visits a malicious page. Impact is described in CVE reco...

CVE-2019-12723

The CVE-2019-12723 entry concerns the Teclib Fields plugin for GLPI (affected version up to 1.9.2). The issue is a SQL Injection via container_id and old_order parameters to ajax/reorder.php that can be exploited by an unauthenticated user. Impact is described in the sources as high/critical (CVS...

Stored Cross Site Scripting in Grails Fields Plugin

Grails Fields plugin version 2.2.7 contains a Cross Site Scripting XSS vulnerability in using the display tag that can result in XSS. This vulnerability has been fixed in version 2.2.8...

GHSA-Q25J-GCMV-5QPP Stored Cross Site Scripting in Grails Fields Plugin

Grails Fields plugin version 2.2.7 contains a Cross Site Scripting XSS vulnerability in using the display tag that can result in XSS. This vulnerability has been fixed in version 2.2.8...

Grails Fields Plugin Cross-Site Scripting Vulnerability

Grails Fields plugin is a field property definition plugin . A cross-site scripting vulnerability exists in the use of display tags in Grails Fields plugin version 2.2.7. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML...

CVE-2018-1000529

Grails Fields plugin version 2.2.7 contains a Cross Site Scripting XSS vulnerability in Using the display tag that can result in XSS . This vulnerability appears to have been fixed in 2.2.8...

CVE-2018-1000529

Grails Fields plugin version 2.2.7 contains a Cross Site Scripting XSS vulnerability in Using the display tag that can result in XSS . This vulnerability appears to have been fixed in 2.2.8...

Cross site scripting

Grails Fields plugin version 2.2.7 contains a Cross Site Scripting XSS vulnerability in Using the display tag that can result in XSS . This vulnerability appears to have been fixed in 2.2.8...

CVE-2018-1000529

Grails Fields plugin version 2.2.7 contains a Cross Site Scripting XSS vulnerability in Using the display tag that can result in XSS . This vulnerability appears to have been fixed in 2.2.8...

CVE-2018-1000529

CVE-2018-1000529 concerns the Grails Fields plugin (version 2.2.7) and its use of display tags, where an XSS vulnerability could be triggered. The connected advisories confirm the issue and state that it has been fixed in version 2.2.8 . The available documents describe the affected component (or...

Cross-site Scripting (XSS)

Overview org.grails.plugins:fields is a customizable form-field rendering based on overrideable GSP template. Affected versions of this package are vulnerable to Cross-site Scripting XSS. Domain objects being displayed by tags of the plugin containing HTML or JavaScript code are not being encoded...

WordPress More Fields Plugin 2.1 - CSRF

This vulnerability is disabled for all functions add box and delete box options. Because of that, an attacker can add or delete extra fields in additional boxes on the edit page in the Admin. Solution Upgrade the plugin...

WordPress Simple Fields Plugin <= 1.4.10 - Cross Site Scripting

Because of this vulnerability, the attackers can inject arbitrary JavaScript or HTML code. Solution Update the plugin...

WordPress Simple Fields Plugin 1.1.6 - Cross Site Request Forgery

This plugin is prone to a cross site request forgery vulnerability. Solution Update the plugin...

WordPress Simple Fields Plugin 0.3.5 - Remote File Inclusion

This plugin is prone to a remote file inclusion vulnerability. Solution Update the plugin...

WordPress Simple Fields Plugin <= 1.1.6 - Cross Site Request Forgery

This plugin is prone to a cross site request forgery vulnerability via admin functions. Solution Update the plugin...