110 matches found
CVE-2024-11357 Goodlayers Core < 2.0.10 - Contributor+ Stored XSS
The goodlayers-core WordPress plugin before 2.0.10 does not sanitise and escape some of its settings, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...
CVE-2024-11357 Goodlayers Core < 2.0.10 - Contributor+ Stored XSS
The goodlayers-core WordPress plugin before 2.0.10 does not sanitise and escape some of its settings, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...
CVE-2024-11357
CVE-2024-11357 affects the Goodlayers Core WordPress plugin (goodlayers-core). Public details indicate an authenticated stored XSS vulnerability due to insufficient sanitization/escaping of settings, exploitable by users with Contributor+ privileges. Impact is storage and execution of arbitrary s...
WordPress plugin Goodlayers Core 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
WordPress Goodlayers Core plugin <= 2.0.7 - Reflected Cross-Site Scripting via 'font-family' vulnerability
Reflected Cross-Site Scripting via 'font-family' vulnerability discovered by mike harris mikeyh in WordPress Plugin Goodlayers Core versions = 2.0.7...
CVE-2024-11200
The Goodlayers Core plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘font-family’ parameter in all versions up to, and including, 2.0.7 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary...
WordPress plugin Goodlayers Core 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerability...
GoodLayers LMS for Wordpress SQL Injection Vulnerability
GoodLayers LMS for Wordpress is a Learning Management System plugin from Goodlayers Software USA. A SQL injection vulnerability exists in Good Layers LMS Plugin version 2.1.4 and earlier versions, which can be exploited by attackers to obtain sensitive information about a database...
WordPress Good LMS SQL Injection
Exploit Title: Good LMS - Learning Management System WP Plugin SQL Injection Date: 2018-01-24 Exploit Author: Esecurity.ir Exploit Author Web Site: http://esecurity.ir Special Thanks : Meisam Monsef [email protected] - Telegram ID : @meisamrce Vendor Homepage: https://goodlayers.com/ Version: A...
WordPress Plugin Learning Management System - 'course_id' SQL Injection
Exploit Title: Good LMS - Learning Management System WP Plugin SQL Injection Date: 2018-01-24 Exploit Author: Esecurity.ir Exploit Author Web Site: http://esecurity.ir Special Thanks : Meisam Monsef [email protected] - Telegram ID : @meisamrce Vendor Homepage: https://goodlayers.com/ Version: A...