Lucene search

1447 matches found

Patchstack
added 2024/04/15 3:2 p.m. | 2 views

WordPress Code Insert Manager (Q2W3 Inc Manager) plugin <= 2.5.3 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting (XSS) vulnerability discovered by Dimas Maulana (Patchstack Alliance) in WordPress Plugin Code Insert Manager (Q2W3 Inc Manager) versions <= 2.5.3...

CVSS 5.8 | AI score 6.2 | EPSS 0.0017
Exploits: 0 | Affected Software: 1
Patchstack
added 2024/04/15 12:0 a.m. | 8 views

WordPress Code Insert Manager (Q2W3 Inc Manager) Plugin <= 2.5.3 is vulnerable to Cross Site Scripting (XSS)

Software: Code Insert Manager (Q2W3 Inc Manager); Type: Plugin; Vulnerable versions: <= 2.5.3; Fixed in: N/A; OWASP Top 10: A3: Injection; Classification: Cross Site Scripting (XSS); CVE: CVE-2024-32547; Patch priority: Medium; CVSS severity: Medium (5.8); Developer: Claim ownership; PSID: c408b8a3e4fc; Credits: Dimas Maulana...

CVSS 5.8 | AI score 6.5 | EPSS 0.0017
Exploits: 0 | References: 1 | Affected Software: 1
CNNVD
added 2024/04/10 12:0 a.m. | 1 views

Linux kernel security vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel, which stems from a memory leak vulnerability in perfenvinsertbtf...

CVSS 5.5 | AI score 4.4 | EPSS 0.0001
Exploits: 0 | References: 6
Github Security Blog
added 2024/04/09 6:52 p.m. | 14 views

Contao: Unencoded insert tags in the frontend

Impact: It is possible to inject insert tags via the form generator if the submitted form data is output on the page in a specific way. Patches: Update to Contao 4.13.40 or 5.3.4. Workarounds: Do not output the submitted form data on the website. References...

CVSS 5.4 | AI score 6.8 | EPSS 0.00988
Exploits: 0 | References: 6 | Affected Software: 1
OSV
added 2024/04/09 6:52 p.m. | 23 views

GHSA-747V-52C4-8VJ8 Contao: Unencoded insert tags in the frontend

Impact: It is possible to inject insert tags via the form generator if the submitted form data is output on the page in a specific way. Patches: Update to Contao 4.13.40 or 5.3.4. Workarounds: Do not output the submitted form data on the website. References...

CVSS 3.1 | AI score 4.4 | EPSS 0.00988
Exploits: 0 | References: 6
OSV
added 2024/04/09 1:54 p.m. | 14 views

CVE-2024-28191 Contao may have unencoded insert tags in the frontend

Contao is an open source content management system. Starting in version 4.0.0 and prior to version 4.13.40 and 5.3.4, it is possible to inject insert tags in frontend forms if the output is structured in a very specific way. Contao versions 4.13.40 and 5.3.4 have a patch for this issue. As a...

CVSS 3.1 | AI score 5.3 | EPSS 0.00988
Exploits: 0 | References: 6
Cvelist
added 2024/04/09 1:54 p.m. | 17 views

CVE-2024-28191 Contao may have unencoded insert tags in the frontend

Contao is an open source content management system. Starting in version 4.0.0 and prior to version 4.13.40 and 5.3.4, it is possible to inject insert tags in frontend forms if the output is structured in a very specific way. Contao versions 4.13.40 and 5.3.4 have a patch for this issue. As a...

CVSS 3.1 | AI score 4 | EPSS 0.00988
Exploits: 0 | References: 4
Vulnrichment
added 2024/04/09 1:54 p.m. | 22 views

CVE-2024-28191 Contao may have unencoded insert tags in the frontend

Contao is an open source content management system. Starting in version 4.0.0 and prior to version 4.13.40 and 5.3.4, it is possible to inject insert tags in frontend forms if the output is structured in a very specific way. Contao versions 4.13.40 and 5.3.4 have a patch for this issue. As a...

CVSS 3.1 | AI score 6.9 | EPSS 0.00988
Exploits: 0 | References: 4
Positive Technologies
added 2024/04/09 12:0 a.m. | 4 views

PT-2024-22325 · Contao · Contao

Name of the Vulnerable Software and Affected Versions: Contao versions 4.0.0 through 4.13.39; Contao versions 5.0.0 through 5.3.3. Description: The issue allows injecting tags in frontend forms if the output is structured in a very specific way. It is possible to inject insert tags via the form...

CVSS 5.4 | AI score 7 | EPSS 0.00988
Exploits: 0 | References: 12
Cvelist
added 2024/04/08 1:0 p.m. | 14 views

CVE-2014-125111 namithjawahar Wp-Insert cross site scripting

A vulnerability was found in namithjawahar Wp-Insert up to 2.0.8 and classified as problematic. Affected by this issue is some unknown functionality. The manipulation leads to cross site scripting. The attack may be launched remotely. Upgrading to version 2.0.9 is able to address this issue. The...

CVSS 4 | AI score 3.7 | EPSS 0.00069
Exploits: 0 | References: 3
Vulnrichment
added 2024/04/08 1:0 p.m. | 9 views

CVE-2014-125111 namithjawahar Wp-Insert cross site scripting

A vulnerability was found in namithjawahar Wp-Insert up to 2.0.8 and classified as problematic. Affected by this issue is some unknown functionality. The manipulation leads to cross site scripting. The attack may be launched remotely. Upgrading to version 2.0.9 is able to address this issue. The...

CVSS 4 | AI score 6.5 | EPSS 0.00069
Exploits: 0 | References: 3
CNNVD
added 2024/04/08 12:0 a.m. | 3 views

Wp-Insert cross-site scripting vulnerability

Wp-Insert is an ad management plugin. A cross-site scripting vulnerability exists in Wp-Insert version 2.0.8, which stems from the presence of unknown functions that lead to cross-site scripting...

CVSS 4 | AI score 4.3 | EPSS 0.00069
Exploits: 0 | References: 4
Positive Technologies
added 2024/04/08 12:0 a.m. | 3 views

PT-2024-10553 · Wp-Insert · Wp-Insert

Name of the Vulnerable Software and Affected Versions: namithjawahar Wp-Insert versions 2.0.8 and earlier. Description: A vulnerability was found in the software, classified as problematic, and it affects some unknown functionality. The manipulation of this issue leads to cross-site scripting. The...

CVSS 4 | AI score 6.8 | EPSS 0.00069
Exploits: 0 | References: 5
Microsoft KB
added 2024/04/02 12:0 a.m. | 3 views

April 2, 2024, update for PowerPoint 2016 (KB5002568)

April 2, 2024, update for PowerPoint 2016 (KB5002568). This article describes update 5002568 for Microsoft PowerPoint 2016 that was released on April 2, 2024. Be aware that the update in the Microsoft Download Center applies to the Microsoft Installer .msi-based edition of Office 2016. It doesn't app...

AI score 6.4
Exploits: 0
Debian CVE
added 2024/03/26 3:17 p.m. | 27 views

CVE-2024-26645

In the Linux kernel, the following vulnerability has been resolved: tracing: Ensure visibility when inserting an element into tracingmap Running the following two commands in parallel on a multi-processor AArch64 machine can sporadically produce an unexpected warning about duplicate histogram...

CVSS 5.5 | AI score 7.1 | EPSS 0.00007
Exploits: 0
Cvelist
added 2024/03/18 10:7 a.m. | 23 views

CVE-2023-52609 binder: fix race between mmput() and do_exit()

In the Linux kernel, the following vulnerability has been resolved: binder: fix race between mmput() and do_exit(). Task A calls binderupdatepagerange to allocate and insert pages on a remote address space from Task B. For this, Task A pins the remote mm via mmgetnotzero first. This can race with Task ...

AI score 7.6 | EPSS 0.0001
Exploits: 0 | References: 8
OSV
added 2024/03/06 11:5 a.m. | 28 views

BIT-POSTGRESQL-2021-32028

A flaw was found in postgresql. Using an INSERT ... ON CONFLICT ... DO UPDATE command on a purpose-crafted table, an authenticated database user could read arbitrary bytes of server memory. The highest threat from this vulnerability is to data confidentiality...

CVSS 6.5 | AI score 7.5 | EPSS 0.00641
Exploits: 0 | References: 5
OSV
added 2024/02/29 1:43 a.m. | 1 views

CVE-2024-0658

The Insert PHP Code Snippet plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the user's name when accessing the insert-php-code-snippet-manage page in all versions up to, and including, 1.3.4 due to insufficient input sanitization and output escaping. This makes it possible f...

CVSS 4.8 | AI score 6.7
Exploits: 0 | References: 2
CNNVD
added 2024/02/29 12:0 a.m. | 1 views

WordPress Plugin Insert PHP Code Snippet Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

CVSS 4.8 | AI score 5.9 | EPSS 0.00225
Exploits: 0 | References: 3
NVD
added 2024/02/20 1:15 p.m. | 26 views

CVE-2024-26581

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsetrbtree: skip end interval element from gc rbtree lazy gc on insert might collect an end interval element that has been just added in this transactions, skip end interval elements that are not yet active...

CVSS 7.8 | AI score 7.4 | EPSS 0.00287
Exploits: 1 | References: 9