10 matches found
EUVD-2023-57908
Malicious code in bioql PyPI...
CVE-2023-5615
The Skype Legacy Buttons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'skype-status' shortcode in all versions up to, and including, 3.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2023-5615
The Skype Legacy Buttons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'skype-status' shortcode in all versions up to, and including, 3.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2023-5615
The Skype Legacy Buttons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'skype-status' shortcode in all versions up to, and including, 3.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2023-5615 Skype Legacy Buttons <= 3.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
The Skype Legacy Buttons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'skype-status' shortcode in all versions up to, and including, 3.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2023-5615 Skype Legacy Buttons <= 3.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
The Skype Legacy Buttons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'skype-status' shortcode in all versions up to, and including, 3.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2023-5615
CVE-2023-5615 affects the WordPress plugin Skype Legacy Buttons (versions
WordPress Plugin Skype Legacy Buttons Cross-Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, which supports personal blogs on PHP and MySQL servers.WordPress plugin is an...
Skype Legacy Buttons <= 3.1 - Contributor+ Stored XSS
Description The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admin...
WordPress Skype Legacy Buttons Plugin <= 3.1 is vulnerable to Cross Site Scripting (XSS)
Software Skype Legacy Buttons Type Plugin Vulnerable versions = 3.1 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-5615 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 4c9dad501ca8 Credits Lana Codes Required...