3 matches found
PT-2024-25566 · Elementor · Elementor – Header
Name of the Vulnerable Software and Affected Versions: Elementor – Header, Footer & Blocks Template versions 1.6.35 and earlier Description: The issue is related to an Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for DOM-Based XS...
Cross-site Scripting Vulnerability in Discuz!
Discuz! is a very popular Web forum program in the Chinese community. A cross-site scripting vulnerability exists in Discuz! X3.4, which stems from the failure of admincp/admincpsetting.php and template\default\common\footer.htm to properly handle the statcode field, which can be exploited to...
CVE-2018-19464
Discuz! X3.4 allows XSS via admin.php because admincp/admincpsetting.php and template\default\common\footer.htm mishandles statcode field from third-party stats code...