4 matches found
WordPress Jquery news ticker Plugin <= 3.1 is vulnerable to Cross Site Scripting (XSS)
Software Jquery news ticker Type Plugin Vulnerable versions = 3.1 Fixed in 3.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-5432 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 4f07a499a4a8 Credits István Márton Required...
CVE-2018-1000508
WP ULike version 2.8.1, 3.1 contains a Cross Site Scripting XSS vulnerability in Settings screen that can result in allows unauthorised users to do almost anything an admin can. This attack appear to be exploitable via Admin must visit logs page. This vulnerability appears to have been fixed in 3...
CVE-2018-1000511
WP ULike version 2.8.1, 3.1 contains a Incorrect Access Control vulnerability in AJAX that can result in allows anybody to delete any row in certain tables. This attack appear to be exploitable via Attacker must make AJAX request. This vulnerability appears to have been fixed in 3.2...
CVE-2018-1000511
WP ULike version 2.8.1, 3.1 contains a Incorrect Access Control vulnerability in AJAX that can result in allows anybody to delete any row in certain tables. This attack appear to be exploitable via Attacker must make AJAX request. This vulnerability appears to have been fixed in 3.2...