7 matches found
CVE-2011-2641
Opera 11.11 allows remote attackers to cause a denial of service application crash by setting the FACE attribute of a FONT element within an IFRAME element after changing the SRC attribute of this IFRAME element to an about:blank value...
CVE-2021-24435
The iframe-font-preview.php file of the titan-framework does not properly escape the font-weight and font-family GET parameters before outputting them back in an href attribute, leading to Reflected Cross-Site Scripting issues...
CVE-2021-34649
The Simple Behance Portfolio WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the dark parameter in the /titan-framework/iframe-font-preview.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 0.2...
WordPress 插件跨站脚本漏洞
WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress Plugin is an open source application plugin for WordPress. A security vulnerability in WordPress Simple...
Titan Framework <= 1.12.1 - Reflected Cross-Site Scripting (XSS)
Description The iframe-font-preview.php file of the titan-framework does not properly escape the font-weight and font-family GET parameters before outputting them back in an href attribute, leading to Reflected Cross-Site Scripting issues Edit WPScanTeam: - The original report mentioned the issue...
Titan Framework <= 1.12.1 - Reflected Cross-Site Scripting (XSS)
Description The iframe-font-preview.php file of the titan-framework does not properly escape the font-weight and font-family GET parameters before outputting them back in an href attribute, leading to Reflected Cross-Site Scripting issues Edit WPScanTeam: - The original report mentioned the issue...
WordPress Titan Framework Plugin Cross-Site Scripting Vulnerability
WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports personal blog sites on servers with PHP and MySQL.Titan Framework is one of the plug-ins for developers to create administrative pages. A cross-site scripting...