CVE-2022-45831 WordPress Image Hover Effects - Caption Hover with Carousel Plugin <= 2.8 is vulnerable to Cross Site Scripting (XSS)

Unauth. Reflected Cross-Site Scripting XSS vulnerability in biplob018 Image Hover Effects for Elementor with Lightbox and Flipbox plugin = 2.8 versions...

CVE-2022-45831

CVE-2022-45831 affects the WordPress plugin Image Hover Effects – Caption Hover with Carousel (biplob018 Image Hover Effects for Elementor With Lightbox and Flipbox) versions

PT-2023-14774 · WordPress · Biplob018 Image Hover Effects For Elementor With Lightbox/Flipbox

Name of the Vulnerable Software and Affected Versions: biplob018 Image Hover Effects for Elementor with Lightbox and Flipbox plugin versions = 2.8 Description: The issue is related to an Unauth. Reflected Cross-Site Scripting XSS vulnerability. This vulnerability allows for reflected cross-site...

WordPress plugin Image Hover Effects 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerability...

SUSE CVE-2010-1412

Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service application crash via vectors related to hover events...

SUSE CVE-2011-2635

The Cascading Style Sheets CSS implementation in Opera before 11.10 allows remote attackers to cause a denial of service application crash via vectors involving use of the :hover pseudo-class, in conjunction with transforms, for a floated element...

SUSE CVE-2013-5613

Use-after-free vulnerability in the PresShell::DispatchSynthMouseMove function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code or cause a denial of service heap memory corruption via...

WordPress Image Hover Effects - Caption Hover with Carousel Plugin <= 2.8 is vulnerable to Cross Site Scripting (XSS)

Software Image Hover Effects - Caption Hover with Carousel Type Plugin Vulnerable versions = 2.8 Fixed in 3.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2022-45831 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID...

Image Hover Effects For WPBakery Page Builder < 5.0 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

WordPress Hover Image Plugin <= 1.4.1 is vulnerable to Cross Site Request Forgery (CSRF)

Software Hover Image Type Plugin Vulnerable versions = 1.4.1 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2022-47611 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID c61292cd5ab2 Credits Mika Required privilege...

CVE-2022-4207

The Image Hover Effects Ultimate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several values that can be added to an Image Hover in versions 9.8.1 to 9.8.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers to...

CVE-2022-4207

The Image Hover Effects Ultimate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several values that can be added to an Image Hover in versions 9.8.1 to 9.8.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers to...

CVE-2022-4207

The Image Hover Effects Ultimate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several values that can be added to an Image Hover in versions 9.8.1 to 9.8.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers to...

Cross site scripting

The Image Hover Effects Ultimate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several values that can be added to an Image Hover in versions 9.8.1 to 9.8.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers to...

CVE-2022-4207

CVE-2022-4207 affects the WordPress plugin Image Hover Effects Ultimate (versions 9.8.1–9.8.4). The root cause is insufficient input sanitization and output escaping in multiple values added to an Image Hover, allowing Stored XSS by authenticated users. Exploitation could occur when a site admin ...

CVE-2022-4207

The Image Hover Effects Ultimate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several values that can be added to an Image Hover in versions 9.8.1 to 9.8.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers to...

WordPress plugin Image Hover Effects Ultimate 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...

PT-2022-26232 · WordPress · Image Hover Effects Ultimate

Name of the Vulnerable Software and Affected Versions: Image Hover Effects Ultimate plugin for WordPress versions 9.8.1 through 9.8.4 Description: The issue is related to Stored Cross-Site Scripting due to insufficient input sanitization and output escaping in several values that can be added to ...

CVE-2022-4010

The Image Hover Effects WordPress plugin before 5.5 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2022-4010

The Image Hover Effects WordPress plugin before 5.5 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...