13 matches found
CVE-2026-6399
The General Options plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to and including 1.1.0. This is due to the use of sanitizetextfield for output escaping in the Contact Number adcontactnumber field — a function that strips HTML tags but does not encode...
CVE-2026-6399
The General Options plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to and including 1.1.0. This is due to the use of sanitizetextfield for output escaping in the Contact Number adcontactnumber field — a function that strips HTML tags but does not encode...
CVE-2026-6399
The CVE concerns the WordPress General Options plugin (up to version 1.1.0). Root cause: the code uses sanitize_text_field() for output escaping in the ad_contact_number field, which strips HTML but does not encode double quotes, so when echoed inside a double-quoted HTML attribute (value="..."),...
CVE-2026-6399 General Options <= 1.1.0 - Authenticated (Administrator+) Stored Cross-Site Scripting via 'ad_contact_number' Parameter
The General Options plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to and including 1.1.0. This is due to the use of sanitizetextfield for output escaping in the Contact Number adcontactnumber field — a function that strips HTML tags but does not encode...
CVE-2026-6399 General Options <= 1.1.0 - Authenticated (Administrator+) Stored Cross-Site Scripting via 'ad_contact_number' Parameter
The General Options plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to and including 1.1.0. This is due to the use of sanitizetextfield for output escaping in the Contact Number adcontactnumber field — a function that strips HTML tags but does not encode...
CVE-2026-6399
The General Options plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to and including 1.1.0. This is due to the use of sanitizetextfield for output escaping in the Contact Number adcontactnumber field — a function that strips HTML tags but does not encode...
EUVD-2026-31040
The General Options plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to and including 1.1.0. This is due to the use of sanitizetextfield for output escaping in the Contact Number adcontactnumber field — a function that strips HTML tags but does not encode...
PT-2026-42063
Name of the Vulnerable Software and Affected Versions General Options versions prior to 1.1.1 Description The General Options plugin for WordPress contains a Stored Cross-Site Scripting issue. This occurs because the sanitize text field function is used for output escaping in the Contact Number a...
WordPress General Options plugin <= 1.1.0 - Authenticated (Administrator+) Stored Cross-Site Scripting vulnerability
Authenticated Administrator+ Stored Cross-Site Scripting vulnerability discovered by Muhammad Nur Ibnu Hubab Ibnu - Pondok Teknologi in WordPress Plugin General Options versions = 1.1.0...
CVE-2023-44796
Cross Site Scripting XSS vulnerability in LimeSurvey before version 6.2.9-230925 allows a remote attacker to escalate privileges via a crafted script to the generaloptionspanel.php component...
Error: Skipping VM processing due to insufficient free disk space on datastore
Challenge A Backup or Replication job fails with the messages: Production datastore is getting low on free space xx GB left, and may run out of free disk space completely due to open snapshots. Insufficient free disk space on production datastore . Error: Skipping VM processing due to insufficien...
WordPress ImageInject plugin cross-site scripting vulnerability
WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports PHP and MySQL servers to set up a personal blog site.ImageInject plugin is used in one of the image upload plugin. A cross-site scripting vulnerability exists in versi...
WordPress NextGEN Gallery 1.9.5 Cross Site Scripting
Title: ====== NextGEN Gallery v1.9.5 Wordpress - Web Vulnerabilities Date: ===== 2012-08-23 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=693 VL-ID: ===== 693 Common Vulnerability Scoring System: ==================================== 3.5 Introduction: =============...