94 matches found
CVE-2024-34572
The CVE-2024-34572 entry concerns the WordPress plugin Fancy Elementor Flipbox (ThemePrix Fancy Elementor Flipbox). Affected component: the plugin’s input handling in web page generation, leading to Stored Cross-Site Scripting (XSS). Impact is described as Stored XSS with low severity metrics (CV...
CVE-2024-34572 WordPress Fancy Elementor Flipbox plugin <= 2.4.2 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThemePrix Fancy Elementor Flipbox fancy-elementor-flipbox allows Stored XSS.This issue affects Fancy Elementor Flipbox: from n/a through 2.4.2...
PT-2024-25988 · Unknown · Themeprix Fancy Elementor Flipbox
Name of the Vulnerable Software and Affected Versions: ThemePrix Fancy Elementor Flipbox versions through 2.4.2 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting. This allows for Stored XSS. Recommendations: For...
WordPress plugin Fancy Elementor Flipbox 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...
WordPress Fancy Elementor Flipbox plugin <= 2.5.2 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Khalid Patchstack Alliance in WordPress Plugin Fancy Elementor Flipbox versions = 2.5.2...
WordPress Fancy Elementor Flipbox Plugin <= 2.5.2 is vulnerable to Cross Site Scripting (XSS)
Software Fancy Elementor Flipbox Type Plugin Vulnerable versions = 2.5.2 Fixed in 2.6.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-34572 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 6fdd1efa32f5 Credits Khalid Yusuf Required privileg...
CVE-2024-2349
The Fancy Elementor Flipbox plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Fancy Elementor Flipbox widget in all versions up to, and including, 2.5.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
CVE-2024-2349
CVE-2024-2349 affects Fancy Elementor Flipbox for WordPress (all versions up to 2.4.2) with Stored XSS via the Fancy Elementor Flipbox widget. Root cause is insufficient input sanitization/output escaping. Exploitation requires authentication at contributor level or higher, enabling injection of ...
PT-2024-19896 · WordPress · Fancy Elementor Flipbox
Name of the Vulnerable Software and Affected Versions: Fancy Elementor Flipbox plugin for WordPress versions up to, and including, 2.4.2 Description: The issue is related to Stored Cross-Site Scripting via the Fancy Elementor Flipbox widget due to insufficient input sanitization and output...
WordPress plugin Fancy Elementor Flipbox 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
WordPress Fancy Elementor Flipbox plugin <= 2.5.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Fancy Elementor Flipbox Widget vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via Fancy Elementor Flipbox Widget vulnerability discovered by Francesco Carlucci in WordPress Plugin Fancy Elementor Flipbox versions = 2.5.1...
WordPress Fancy Elementor Flipbox Plugin <= 2.5.1 is vulnerable to Cross Site Scripting (XSS)
Software Fancy Elementor Flipbox Type Plugin Vulnerable versions = 2.5.1 Fixed in 2.5.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-2349 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID dd388fab11b8 Credits Francesco Carluc...
WordPress WN Flipbox Pro Plugin <= 1.15 is vulnerable to Cross Site Scripting (XSS)
Software WN Flipbox Pro Type Plugin Vulnerable versions = 1.15 Fixed in 2.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID ef85e7e1358f Credits Rafie Muhammad Patchstack Required...
CVE-2022-45831
Unauth. Reflected Cross-Site Scripting XSS vulnerability in biplob018 Image Hover Effects for Elementor with Lightbox and Flipbox plugin = 2.8 versions...
CVE-2022-45831
CVE-2022-45831 affects the WordPress plugin Image Hover Effects – Caption Hover with Carousel (biplob018 Image Hover Effects for Elementor With Lightbox and Flipbox) versions
CVE-2022-45831 WordPress Image Hover Effects - Caption Hover with Carousel Plugin <= 2.8 is vulnerable to Cross Site Scripting (XSS)
Unauth. Reflected Cross-Site Scripting XSS vulnerability in biplob018 Image Hover Effects for Elementor with Lightbox and Flipbox plugin = 2.8 versions...
PT-2023-14774 · WordPress · Biplob018 Image Hover Effects For Elementor With Lightbox/Flipbox
Name of the Vulnerable Software and Affected Versions: biplob018 Image Hover Effects for Elementor with Lightbox and Flipbox plugin versions = 2.8 Description: The issue is related to an Unauth. Reflected Cross-Site Scripting XSS vulnerability. This vulnerability allows for reflected cross-site...
Image Hover Effects for Elementor with Lightbox and Flipbox < 3.0 - Reflected XSS
The plugin does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
CVE-2022-33969
Authenticated WordPress Options Change vulnerability in Biplob Adhikari's Flipbox plugin = 2.6.0 at WordPress...
CVE-2022-33969
Authenticated WordPress Options Change vulnerability in Biplob Adhikari's Flipbox plugin = 2.6.0 at WordPress...