7 matches found
CVE-2024-3267
The Bold Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's btbbpricelist shortcode in all versions up to, and including, 4.8.8 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
PT-2024-24754 · WordPress · Bold Page Builder
Name of the Vulnerable Software and Affected Versions: The Bold Page Builder plugin for WordPress versions up to, and including, 4.8.8 Description: The issue is related to Stored Cross-Site Scripting due to insufficient input sanitization and output escaping on user-supplied attributes in the bt ...
WordPress Bold Page Builder plugin <= 4.8.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via bt_bb_price_list Shortcode vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via btbbpricelist Shortcode vulnerability discovered by stealthcopter in WordPress Plugin Bold Page Builder versions = 4.8.8...
WordPress Plugin LiquidPoll 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...
CVE-2023-0542 Custom Post Type List Shortcode <= 1.4.4 - Contributor+ Stored XSS
The Custom Post Type List Shortcode WordPress plugin through 1.4.4 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site...
CVE-2023-0542 Custom Post Type List Shortcode <= 1.4.4 - Contributor+ Stored XSS
The Custom Post Type List Shortcode WordPress plugin through 1.4.4 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site...
WordPress plugin Custom Post Type List Shortcode 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site scripting vulnerability exists in...