Lucene search
K

209 matches found

CVE
CVE
added 2022/12/13 8:18 p.m.75 views

CVE-2022-4207

CVE-2022-4207 affects the WordPress plugin Image Hover Effects Ultimate (versions 9.8.1–9.8.4). The root cause is insufficient input sanitization and output escaping in multiple values added to an Image Hover, allowing Stored XSS by authenticated users. Exploitation could occur when a site admin ...

5.5CVSS5AI score0.00526EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2022/12/13 8:18 p.m.16 views

CVE-2022-4207

The Image Hover Effects Ultimate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several values that can be added to an Image Hover in versions 9.8.1 to 9.8.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers to...

5.5CVSS5.6AI score0.00526EPSS
Exploits0References5
Cvelist
Cvelist
added 2022/12/13 8:18 p.m.30 views

CVE-2022-4207

The Image Hover Effects Ultimate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several values that can be added to an Image Hover in versions 9.8.1 to 9.8.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers to...

5.5CVSS5.2AI score0.00526EPSS
Exploits0References3
CNNVD
CNNVD
added 2022/12/13 12:0 a.m.6 views

WordPress plugin Image Hover Effects Ultimate 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...

5.5CVSS5.7AI score0.00526EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2022/12/13 12:0 a.m.14 views

PT-2022-26232 · WordPress · Image Hover Effects Ultimate

Name of the Vulnerable Software and Affected Versions: Image Hover Effects Ultimate plugin for WordPress versions 9.8.1 through 9.8.4 Description: The issue is related to Stored Cross-Site Scripting due to insufficient input sanitization and output escaping in several values that can be added to ...

5.5CVSS5.2AI score0.00526EPSS
Exploits0References7
OSV
OSV
added 2022/12/12 6:15 p.m.3 views

CVE-2022-4010

The Image Hover Effects WordPress plugin before 5.5 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

4.8CVSS5.8AI score0.00532EPSS
Exploits2References1
NVD
NVD
added 2022/12/12 6:15 p.m.21 views

CVE-2022-4010

The Image Hover Effects WordPress plugin before 5.5 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

4.8CVSS0.00532EPSS
Exploits2References1
Prion
Prion
added 2022/12/12 6:15 p.m.24 views

Cross site scripting

The Image Hover Effects WordPress plugin before 5.5 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

4.3CVSS4.7AI score0.00532EPSS
Exploits2References1Affected Software1
Cvelist
Cvelist
added 2022/12/12 5:54 p.m.23 views

CVE-2022-4010 Image Hover Effects < 5.5 - Admin+ Stored XSS

The Image Hover Effects WordPress plugin before 5.5 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5AI score0.00532EPSS
Exploits2References1
CVE
CVE
added 2022/12/12 5:54 p.m.62 views

CVE-2022-4010

The CVE-2022-4010 entry affects the Image Hover Effects WordPress plugin (versions prior to 5.5). The issue is that the plugin does not sanitize and escape certain settings, enabling Stored Cross-Site Scripting by high-privilege users (e.g., admins) even when unfiltered_html is disallowed (includ...

4.8CVSS4.7AI score0.00532EPSS
Exploits2References1Affected Software1
CNNVD
CNNVD
added 2022/12/12 12:0 a.m.4 views

WordPress plugin Image Hover Effects 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

4.8CVSS4.9AI score0.00532EPSS
Exploits2References2
BDU FSTEC
BDU FSTEC
added 2022/12/12 12:0 a.m.4 views

The vulnerability of the Image Hover Effects Ultimate plugin of the WordPress content management system, related to the lack of protective measures for website structures, allows attackers to carry out cross-site scripting attacks.

The vulnerability of the Image Hover Effects Ultimate plugin of the WordPress content management system is related to the lack of protection for the web page structure when processing values of the Title and Description fields. Exploiting this vulnerability allows a malicious actor to perform...

6.4CVSS5.6AI score0.00489EPSS
Exploits0References6Affected Software1
Positive Technologies
Positive Technologies
added 2022/12/12 12:0 a.m.4 views

PT-2022-25202 · WordPress · Image Hover Effects

Name of the Vulnerable Software and Affected Versions: Image Hover Effects WordPress plugin versions prior to 5.5 Description: The issue allows high privilege users, such as admins, to perform Stored Cross-Site Scripting attacks, even when the unfiltered html capability is disallowed, for example...

4.8CVSS5.9AI score0.00532EPSS
Exploits2References5
OSV
OSV
added 2022/11/28 2:15 p.m.6 views

CVE-2022-3601

The Image Hover Effects Css3 WordPress plugin through 4.5 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

4.8CVSS5.8AI score0.0047EPSS
Exploits2References1
NVD
NVD
added 2022/11/28 2:15 p.m.22 views

CVE-2022-3601

The Image Hover Effects Css3 WordPress plugin through 4.5 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

4.8CVSS0.0047EPSS
Exploits2References1
Prion
Prion
added 2022/11/28 2:15 p.m.16 views

Cross site scripting

The Image Hover Effects Css3 WordPress plugin through 4.5 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

4.3CVSS4.7AI score0.0047EPSS
Exploits2References1Affected Software1
Vulnrichment
Vulnrichment
added 2022/11/28 1:47 p.m.5 views

CVE-2022-3601 Image Hover Effects Css3 <= 4.5 - Admin+ Stored XSS

The Image Hover Effects Css3 WordPress plugin through 4.5 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

4.7AI score0.0047EPSS
Exploits2References1
Cvelist
Cvelist
added 2022/11/28 1:47 p.m.31 views

CVE-2022-3601 Image Hover Effects Css3 <= 4.5 - Admin+ Stored XSS

The Image Hover Effects Css3 WordPress plugin through 4.5 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5AI score0.0047EPSS
Exploits2References1
CVE
CVE
added 2022/11/28 1:47 p.m.64 views

CVE-2022-3601

CVE-2022-3601 affects the WordPress plugin Image Hover Effects Css3 (versions

4.8CVSS4.7AI score0.0047EPSS
Exploits2References1Affected Software1
Positive Technologies
Positive Technologies
added 2022/11/28 12:0 a.m.4 views

PT-2022-23109 · WordPress · The Image Hover Effects Css3 Wordpress Plugin

Name of the Vulnerable Software and Affected Versions: The Image Hover Effects Css3 WordPress plugin versions 4.5 and earlier Description: The issue allows high privilege users, such as admins, to perform Stored Cross-Site Scripting attacks, even when the unfiltered html capability is disallowed,...

4.8CVSS5.8AI score0.0047EPSS
Exploits2References6
Rows per page
Query Builder