WordPress Amazing Hover Effects Plugin <=2.4.9 is vulnerable to Cross Site Scripting (XSS)

Software Amazing Hover Effects Type Plugin Vulnerable versions =2.4.9 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-38741 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID e171adbb497e Credits Joshua Chan Required privilege...

CVE-2024-37546

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in biplob018 Image Hover Effects - Caption Hover with Carousel allows Stored XSS.This issue affects Image Hover Effects - Caption Hover with Carousel: from n/a through 3.0.2...

CVE-2024-37546

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in biplob018 Image Hover Effects - Caption Hover with Carousel allows Stored XSS.This issue affects Image Hover Effects - Caption Hover with Carousel: from n/a through 3.0.2...

CVE-2024-37546 WordPress Image Hover Effects for Elementor with Lightbox and Flipbox plugin <= 3.0.2 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in biplob018 Image Hover Effects - Caption Hover with Carousel allows Stored XSS.This issue affects Image Hover Effects - Caption Hover with Carousel: from n/a through 3.0.2...

CVE-2024-37546

CVE-2024-37546 concerns the WordPress plugin “Image Hover Effects – Caption Hover with Carousel” (versions

WordPress Image Hover Effects for Elementor with Lightbox and Flipbox plugin <= 3.0.2 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Khalid Patchstack Alliance in WordPress Plugin Image Hover Effects - Caption Hover with Carousel versions = 3.0.2...

WordPress plugin Image Hover Effects with Carousel security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

WordPress Image Hover Effects - Caption Hover with Carousel Plugin <= 3.0.2 is vulnerable to Cross Site Scripting (XSS)

Software Image Hover Effects - Caption Hover with Carousel Type Plugin Vulnerable versions = 3.0.2 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-37546 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 1e0b4b757b67 Credits Khalid...

PT-2024-27643 · Unknown · Image Hover Effects - Caption Hover With Carousel

Name of the Vulnerable Software and Affected Versions: Image Hover Effects - Caption Hover with Carousel versions 3.0.2 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Stored XSS...

CVE-2024-5259

The MultiVendorX Marketplace – WooCommerce MultiVendor Marketplace Solution plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘hoveranimation’ parameter in all versions up to, and including, 4.1.11 due to insufficient input sanitization and output escaping. This makes it...

WordPress MultiVendorX Marketplace plugin <= 4.1.11 - Authenticated (Contributor+) Stored Cross-Site Scripting via hover_animation Parameter vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via hoveranimation Parameter vulnerability discovered by stealthcopter in WordPress Plugin MultiVendorX versions = 4.1.11...

CVE-2024-5001

The Image Hover Effects for Elementor with Lightbox and Flipbox plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'id', 'oxiaddonsftitletag', and 'contentdescriptiontag' parameters in all versions up to, and including, 3.0.2 due to insufficient input sanitization and outpu...

CVE-2024-5001

The Image Hover Effects for Elementor with Lightbox and Flipbox plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'id', 'oxiaddonsftitletag', and 'contentdescriptiontag' parameters in all versions up to, and including, 3.0.2 due to insufficient input sanitization and outpu...

WordPress plugin Image Hover Effects for Elementor with Lightbox and Flipbox security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

PT-2024-33849 · WordPress · Image Hover Effects For Elementor With Lightbox/Flipbox

Name of the Vulnerable Software and Affected Versions: Image Hover Effects for Elementor with Lightbox and Flipbox plugin for WordPress versions up to, and including, 3.0.2 Description: The issue is related to Stored Cross-Site Scripting due to insufficient input sanitization and output escaping...

CVE-2024-2784

The The Plus Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Hover Card widget in all versions up to, and including, 5.5.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticate...

CVE-2024-2784 The Plus Addons for Elementor <= 5.5.4 - Authenticated (Contibutor+) Stored Cross-Site Scripting via Hover Card

The The Plus Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Hover Card widget in all versions up to, and including, 5.5.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticate...

PT-2024-22074 · WordPress · The Plus Addons For Elementor

Name of the Vulnerable Software and Affected Versions: The Plus Addons for Elementor plugin for WordPress versions up to, and including, 5.5.4 Description: The issue is related to Stored Cross-Site Scripting via the Hover Card widget due to insufficient input sanitization and output escaping on...

CVE-2024-4619

The Elementor Website Builder – More than Just a Page Builder plugin for WordPress is vulnerable to DOM-Based Stored Cross-Site Scripting via the ‘hoveranimation’ parameter in versions up to, and including, 3.21.4 due to insufficient input sanitization and output escaping. This makes it possible...

PT-2024-31919 · WordPress · Elementor Website Builder

Name of the Vulnerable Software and Affected Versions: Elementor Website Builder plugin for WordPress versions up to, and including, 3.21.4 Description: The Elementor Website Builder plugin for WordPress is vulnerable to DOM-Based Stored Cross-Site Scripting via the hover animation parameter due ...