6 matches found
EUVD-2015-1118
Malware in sbrugna...
CVE-2024-3674
The Inline Google Spreadsheet Viewer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'gdoc' shortcode in all versions up to, and including, 0.13.2 due to insufficient input sanitization and output escaping on user supplied attributes such as 'chartresolution'...
CVE-2024-3674
The CVE-2024-3674 entry concerns the Inline Google Spreadsheet Viewer WordPress plugin. Affected versions: all up to 0.13.2, due to insufficient input sanitization and output escaping on gdoc shortcode attributes (e.g., chart_resolution). This enables stored cross-site scripting (XSS) by authenti...
CVE-2024-3674
The Inline Google Spreadsheet Viewer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'gdoc' shortcode in all versions up to, and including, 0.13.2 due to insufficient input sanitization and output escaping on user supplied attributes such as 'chartresolution'...
WordPress Inline Google Spreadsheet Viewer Plugin <= 0.13.2 is vulnerable to Cross Site Scripting (XSS)
Software Inline Google Spreadsheet Viewer Type Plugin Vulnerable versions = 0.13.2 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-3674 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 23328dda23e9 Credits Krzyszto...
Cross site request forgery (csrf)
A vulnerability was found in meitar Inline Google Spreadsheet Viewer Plugin up to 0.9.6 on WordPress and classified as problematic. Affected by this issue is the function displayShortcode of the file inline-gdocs-viewer.php. The manipulation leads to cross-site request forgery. The attack may be...