209 matches found
CVE-2022-4207
CVE-2022-4207 affects the WordPress plugin Image Hover Effects Ultimate (versions 9.8.1–9.8.4). The root cause is insufficient input sanitization and output escaping in multiple values added to an Image Hover, allowing Stored XSS by authenticated users. Exploitation could occur when a site admin ...
CVE-2022-4207
The Image Hover Effects Ultimate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several values that can be added to an Image Hover in versions 9.8.1 to 9.8.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers to...
CVE-2022-4207
The Image Hover Effects Ultimate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several values that can be added to an Image Hover in versions 9.8.1 to 9.8.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers to...
WordPress plugin Image Hover Effects Ultimate 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...
PT-2022-26232 · WordPress · Image Hover Effects Ultimate
Name of the Vulnerable Software and Affected Versions: Image Hover Effects Ultimate plugin for WordPress versions 9.8.1 through 9.8.4 Description: The issue is related to Stored Cross-Site Scripting due to insufficient input sanitization and output escaping in several values that can be added to ...
CVE-2022-4010
The Image Hover Effects WordPress plugin before 5.5 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
CVE-2022-4010
The Image Hover Effects WordPress plugin before 5.5 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
Cross site scripting
The Image Hover Effects WordPress plugin before 5.5 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
CVE-2022-4010 Image Hover Effects < 5.5 - Admin+ Stored XSS
The Image Hover Effects WordPress plugin before 5.5 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
CVE-2022-4010
The CVE-2022-4010 entry affects the Image Hover Effects WordPress plugin (versions prior to 5.5). The issue is that the plugin does not sanitize and escape certain settings, enabling Stored Cross-Site Scripting by high-privilege users (e.g., admins) even when unfiltered_html is disallowed (includ...
WordPress plugin Image Hover Effects 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...
The vulnerability of the Image Hover Effects Ultimate plugin of the WordPress content management system, related to the lack of protective measures for website structures, allows attackers to carry out cross-site scripting attacks.
The vulnerability of the Image Hover Effects Ultimate plugin of the WordPress content management system is related to the lack of protection for the web page structure when processing values of the Title and Description fields. Exploiting this vulnerability allows a malicious actor to perform...
PT-2022-25202 · WordPress · Image Hover Effects
Name of the Vulnerable Software and Affected Versions: Image Hover Effects WordPress plugin versions prior to 5.5 Description: The issue allows high privilege users, such as admins, to perform Stored Cross-Site Scripting attacks, even when the unfiltered html capability is disallowed, for example...
CVE-2022-3601
The Image Hover Effects Css3 WordPress plugin through 4.5 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
CVE-2022-3601
The Image Hover Effects Css3 WordPress plugin through 4.5 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
Cross site scripting
The Image Hover Effects Css3 WordPress plugin through 4.5 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
CVE-2022-3601 Image Hover Effects Css3 <= 4.5 - Admin+ Stored XSS
The Image Hover Effects Css3 WordPress plugin through 4.5 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
CVE-2022-3601 Image Hover Effects Css3 <= 4.5 - Admin+ Stored XSS
The Image Hover Effects Css3 WordPress plugin through 4.5 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
CVE-2022-3601
CVE-2022-3601 affects the WordPress plugin Image Hover Effects Css3 (versions
PT-2022-23109 · WordPress · The Image Hover Effects Css3 Wordpress Plugin
Name of the Vulnerable Software and Affected Versions: The Image Hover Effects Css3 WordPress plugin versions 4.5 and earlier Description: The issue allows high privilege users, such as admins, to perform Stored Cross-Site Scripting attacks, even when the unfiltered html capability is disallowed,...