CVE-2022-2936

The CVE-2022-2936 issue affects the WordPress plugin Image Hover Effects Ultimate (versions up to and including 9.7.3). It is a Stored Cross-Site Scripting vulnerability caused by insufficient input sanitization and output escaping of Video Link values added to an Image Hover. Authenticated attac...

CVE-2022-2936 Image Hover Effects Ultimate <= 9.7.3 - Authenticated Stored Cross-Site Scripting via Video Link

The Image Hover Effects Ultimate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Video Link values that can be added to an Image Hover in versions up to, and including, 9.7.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...

PT-2022-19562 · WordPress · Image Hover Effects Ultimate

Name of the Vulnerable Software and Affected Versions: Image Hover Effects Ultimate plugin for WordPress versions up to, and including, 9.7.3 Description: The issue arises from insufficient input sanitization and output escaping in the Video Link values that can be added to an Image Hover. This...

WordPress plugin Image Hover Effects Ultimate 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...

PT-2022-19556 · WordPress · Image Hover Effects Ultimate

Name of the Vulnerable Software and Affected Versions: Image Hover Effects Ultimate plugin for WordPress versions up to, and including, 9.7.3 Description: The issue is related to Stored Cross-Site Scripting via the Media Image URL value that can be added to an Image Hover due to insufficient inpu...

WordPress plugin Image Hover Effects Ultimate 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...

Image Hover Effects Ultimate < 9.8.0 - Authenticated Stored XSS

The plugin does not sanitise and escape the Media Image URL, Video Link, Title and Description field of an Image Hover, which could lead to Stored XSS when low privileged users are allowed to access the plugin's feature which can be set via the plugin settings...

Beaver Builder < 2.5.5.3 - Authenticated Stored XSS via Caption On Hover

The plugin does not sanitise and escape the Caption On Hover field of images, which could allow users with access to the plugin's editor to perform Cross-Site Scripting attacks...

July 21, 2022—KB5015882 (OS Build 22000.832) Preview

July 21, 2022—KB5015882 OS Build 22000.832 Preview For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows 11 original release, see its update history page.Note Follow @WindowsUpdate to...

WordPress Hover Effects plugin local file inclusion vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin. WordPress Hover Effects plugin 2.1 and earlier versions have a local file inclusion vulnerability, which stem...

CVE-2022-29447

Authenticated administrator or higher user role Local File Inclusion LFI vulnerability in Wow-Company's Hover Effects plugin = 2.1 at WordPress...

CVE-2022-29447

CVE-2022-29447 concerns the WordPress Hover Effects plugin (versions

CVE-2022-29447 WordPress Hover Effects plugin <= 2.1 - Authenticated Local File Inclusion (LFI) vulnerability

Authenticated administrator or higher user role Local File Inclusion LFI vulnerability in Wow-Company's Hover Effects plugin = 2.1 at WordPress...

CVE-2022-29424

Authenticated admin or higher user role Reflected Cross-Site Scripting XSS vulnerability in Biplob Adhikari's Image Hover Effects Ultimate plugin = 9.7.1 at WordPress...

CVE-2022-29424

Authenticated admin or higher user role Reflected Cross-Site Scripting XSS vulnerability in Biplob Adhikari's Image Hover Effects Ultimate plugin = 9.7.1 at WordPress...

CVE-2022-29424

CVE-2022-29424 describes an authenticated Reflected Cross-Site Scripting (XSS) in WordPress Image Hover Effects Ultimate plugin up to version 9.7.1. The root cause is lack of data validation/filtering of user-supplied data and insufficient output escaping on an admin page, enabling an admin+ user...

WordPress plugin Image Hover Effects Ultimate跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin. WordPress Image Hover Effects Ultimate plugin 9.7.1 and earlier versions are vulnerable to a cross-site...

WordPress plugin Hover Effects 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin. WordPress Hover Effects plugin 2.1 and earlier versions have a local file inclusion vulnerability, which stem...

CVE-2022-29447

Authenticated administrator or higher user role Local File Inclusion LFI vulnerability in Wow-Company's Hover Effects plugin = 2.1 at WordPress...

WordPress Hover Effects plugin <= 2.1 - Authenticated Local File Inclusion (LFI) vulnerability

Authenticated Local File Inclusion LFI vulnerability discovered by 0xB9 Patchstack Alliance in WordPress Hover Effects plugin versions = 2.1. Solution Update the WordPress Hover Effects plugin to the latest available version at least 2.1.1...