WordPress HollerBox plugin <= 2.3.10.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by she11f in WordPress Plugin HollerBox versions = 2.3.10.1...

EUVD-2023-46149

Malicious code in bioql PyPI...

CVE-2023-41657

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Groundhogg Inc. HollerBox plugin = 2.3.2 versions...

CVE-2023-41657

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Groundhogg Inc. HollerBox plugin = 2.3.2 versions...

CVE-2023-41657

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Groundhogg Inc. HollerBox plugin = 2.3.2 versions...

Cross site scripting

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Groundhogg Inc. HollerBox plugin = 2.3.2 versions...

CVE-2023-41657 WordPress HollerBox Plugin <= 2.3.2 is vulnerable to Cross Site Scripting (XSS)

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Groundhogg Inc. HollerBox plugin = 2.3.2 versions...

CVE-2023-41657

CVE-2023-41657 describes an Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability in the Groundhogg HollerBox WordPress plugin, affecting versions

CVE-2023-41657 WordPress HollerBox Plugin <= 2.3.2 is vulnerable to Cross Site Scripting (XSS)

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Groundhogg Inc. HollerBox plugin = 2.3.2 versions...

WordPress Plugin Fast & Effective Popups & Lead-Generation for WordPress - HollerBox Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

HollerBox < 2.3.3 - Admin+ Stored XSS

Description The plugin does not validate and escape some parameters, which could allow users with the admin role and above to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

PT-2023-28028 · Groundhogg · Hollerbox Plugin

Name of the Vulnerable Software and Affected Versions: Groundhogg Inc. HollerBox plugin versions = 2.3.2 Description: The issue is related to an Authenticated admin+ Stored Cross-Site Scripting XSS vulnerability. This means that an attacker with administrative access can inject malicious scripts...

WordPress HollerBox Plugin <= 2.3.2 is vulnerable to Cross Site Scripting (XSS)

Software HollerBox Type Plugin Vulnerable versions = 2.3.2 Fixed in 2.3.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-41657 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 33a61ccd5728 Credits Rio Darmawan Required privile...

CVE-2023-2111 HollerBox < 2.1.4 - Admin+ SQL Injection

The Fast & Effective Popups & Lead-Generation for WordPress plugin before 2.1.4 concatenates user input into an SQL query without escaping it first in the plugin's report API endpoint, which could allow administrators in multi-site configuration to leak sensitive information from the site's...

HollerBox < 2.1.4 - Admin+ SQL Injection

The plugin concatenates user input into an SQL query without escaping it first in the plugin's report API endpoint, which could allow administrators in multi-site configuration to leak sensitive information from the site's database. 1. Login as admin 2. Make sure HollerBox is installed and...

WordPress HollerBox Plugin <= 2.1.3 is vulnerable to SQL Injection

Software HollerBox Type Plugin Vulnerable versions = 2.1.3 Fixed in 2.1.4 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2023-2111 Patch priority Low CVSS severity Low 8.5 Developer Claim ownership PSID 81f314d3ef98 Credits rSolutions Security Team Required privilege Administrato...