Lucene search
K

123 matches found

Positive Technologies
Positive Technologies
added 2023/05/10 12:0 a.m.5 views

PT-2023-14781 · WordPress · Nickys Image Map Pro

Name of the Vulnerable Software and Affected Versions: Nickys Image Map Pro for WordPress - Interactive SVG Image Map Builder plugin versions prior to 5.6.9 Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability. This type of vulnerability allows an attacker to trick...

8.8CVSS8.5AI score0.00253EPSS
Exploits0References4
NVD
NVD
added 2023/03/28 9:15 a.m.21 views

CVE-2023-25704

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Mehjabin Orthi Interactive SVG Image Map Builder plugin = 1.0 versions...

5.9CVSS5.4AI score0.00369EPSS
Exploits0References1
OSV
OSV
added 2023/03/28 9:15 a.m.4 views

CVE-2023-25704

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Mehjabin Orthi Interactive SVG Image Map Builder plugin = 1.0 versions...

4.8CVSS6.6AI score0.00369EPSS
Exploits0References1
Prion
Prion
added 2023/03/28 9:15 a.m.14 views

Cross site scripting

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Mehjabin Orthi Interactive SVG Image Map Builder plugin = 1.0 versions...

4.3CVSS4.9AI score0.00369EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2023/03/28 12:0 a.m.3 views

WordPress Plugin Interactive SVG Image Map Builder 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerability...

5.9CVSS6.4AI score0.00369EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/03/28 12:0 a.m.5 views

PT-2023-20257 · Unknown · Mehjabin Orthi Interactive Svg Image Map Builder

Name of the Vulnerable Software and Affected Versions: Mehjabin Orthi Interactive SVG Image Map Builder plugin versions = 1.0 Description: The issue is related to a Stored Cross-Site Scripting XSS vulnerability that requires authentication with admin+ privileges. This vulnerability affects the...

5.9CVSS5.5AI score0.00369EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 6:20 a.m.5 views

SUSE CVE-2004-0527

KDE Konqueror 2.1.1 and 2.2.2 allows remote attackers to spoof a legitimate URL in the status bar via A HREF tags with modified "alt" values that point to the legitimate site, combined with an image map whose href points to the malicious site, which facilitates a "phishing" attack...

5CVSS7AI score0.05762EPSS
Exploits1References3
Patchstack
Patchstack
added 2023/02/14 12:0 a.m.8 views

WordPress Interactive SVG Image Map Builder Plugin <= 1.0 is vulnerable to Cross Site Scripting (XSS)

Software Interactive SVG Image Map Builder Type Plugin Vulnerable versions = 1.0 Fixed in 1.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-25704 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 9e6397036265 Credits Lokesh...

5.9CVSS5.8AI score0.00369EPSS
Exploits0References2Affected Software1
WPVulnDB
WPVulnDB
added 2023/02/14 12:0 a.m.16 views

Interactive SVG Image Map Builder < 1.1 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS4.8AI score0.00369EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2022/11/23 12:0 a.m.26 views

WordPress Image Map Pro premium plugin <= 5.5.0 - Multiple Cross-Site Request Forgery (CSRF) vulnerabilities

Multiple Cross-Site Request Forgery CSRF vulnerabilities were discovered by Dave Jong Patchstack in the WordPress Image Map Pro premium plugin versions = 5.5.0. Solution No patched version is available. No reply from the vendor for a long time...

2.6AI score0.00253EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2022/11/23 12:0 a.m.31 views

WordPress Image Map Pro premium plugin <= 5.5.0 - Cross-Site Request Forgery (CSRF) leading to Stored Cross-Site Scripting (XSS)

Cross-Site Request Forgery CSRF leading to Stored Cross-Site Scripting XSS discovered by Dave Jong Patchstack in the WordPress Image Map Pro premium plugin versions = 5.5.0. Solution No patched version is available. No reply from the vendor for a long time...

1.8AI score0.00229EPSS
Exploits0Affected Software1
wpexploit
wpexploit
added 2021/03/24 12:0 a.m.81 views

MapifyLite < 4.0.0 - Authenticated Stored Cross-Site Scripting (XSS)

The plugin does not sanitise the Image URL either in the settings or in a location, allowing editor+ users to use a malicious payload, leading to Stored Cross-Site Scripting issues. Notes WPScanTeam: - The vendor has been notified on March 24th, 2021 - The pro version is very likely to be...

Exploits0References1
OSV
OSV
added 2018/07/24 8:8 p.m.3 views

GHSA-RWR3-C2Q8-GM56 Pillow Integer overflow in Map.c

Pillow before 3.3.2 allows context-dependent attackers to obtain sensitive information by using the "crafted image file" approach, related to an "Integer Overflow" issue affecting the Image.core.mapbuffer in map.c component...

6.9CVSS7.1AI score0.01861EPSS
Exploits0References10
OpenVAS
OpenVAS
added 2017/04/19 12:0 a.m.25 views

Bugzilla XSS Vulnerability

Bugzilla is prone to a cross-site scripting vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:bugzilla"; if...

6.1CVSS5.9AI score0.01483EPSS
Exploits0References1
OSV
OSV
added 2016/11/04 10:59 a.m.4 views

PYSEC-2016-8

Pillow before 3.3.2 allows context-dependent attackers to obtain sensitive information by using the "crafted image file" approach, related to an "Integer Overflow" issue affecting the Image.core.mapbuffer in map.c component...

5.5CVSS7.1AI score0.01861EPSS
Exploits0References7
FreeBSD
FreeBSD
added 2016/03/03 12:0 a.m.31 views

Bugzilla security issues

Bugzilla Security Advisory A specially crafted bug summary could trigger XSS in dependency graphs. Due to an incorrect parsing of the image map generated by the dot script, a specially crafted bug summary could trigger XSS in dependency graphs...

6.1CVSS2.2AI score0.01483EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2008/08/13 2:17 p.m.6 views

JFreeChart: XSS vulnerabilities in the image map feature

Multiple cross-site scripting XSS vulnerabilities in the image map feature in JFreeChart 1.0.8 allow remote attackers to inject arbitrary web script or HTML via the 1 chart name or 2 chart tool tip text; or the 3 href, 4 shape, or 5 coords attribute of a chart area...

4.3CVSS5.8AI score0.0276EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2008/06/30 3:33 p.m.6 views

JFreeChart: XSS vulnerabilities in the image map feature

Multiple cross-site scripting XSS vulnerabilities in the image map feature in JFreeChart 1.0.8 allow remote attackers to inject arbitrary web script or HTML via the 1 chart name or 2 chart tool tip text; or the 3 href, 4 shape, or 5 coords attribute of a chart area...

4.3CVSS5.8AI score0.0276EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2008/05/20 2:14 p.m.6 views

httpd: mod_imagemap XSS

Cross-site scripting XSS vulnerability in the 1 modimap module in the Apache HTTP Server 1.3.0 through 1.3.39 and 2.0.35 through 2.0.61 and the 2 modimagemap module in the Apache HTTP Server 2.2.0 through 2.2.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS7.3AI score0.46603EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2008/05/20 2:12 p.m.7 views

JFreeChart: XSS vulnerabilities in the image map feature

Multiple cross-site scripting XSS vulnerabilities in the image map feature in JFreeChart 1.0.8 allow remote attackers to inject arbitrary web script or HTML via the 1 chart name or 2 chart tool tip text; or the 3 href, 4 shape, or 5 coords attribute of a chart area...

4.3CVSS5.8AI score0.0276EPSS
Exploits1References4
Rows per page
Query Builder