PT-2024-26570 · WordPress · Custom Field Suite

Name of the Vulnerable Software and Affected Versions: Custom Field Suite plugin for WordPress versions up to, and including, 2.6.7 Description: The issue is related to insufficient sanitization of input prior to being used in a call to the eval function, which makes it possible for authenticated...

WBCE CMS Cross-Site Scripting Vulnerability

WBCE CMS is an open source content management system CMS based on PHP and MySQL. A cross-site scripting vulnerability exists in WBCE CMS 1.5.4 and previous versions, which stems from the lack of effective filtering and escaping of user-supplied data in the Post Loop field of the Overview Page...

Cross site scripting

A cross-site scripting XSS vulnerability in the Overview Page settings module of WBCE CMS v1.5.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Post Loop field...

PT-2022-27372 · Wbce Cms · Wbce Cms

Name of the Vulnerable Software and Affected Versions: WBCE CMS version 1.5.4 Description: A cross-site scripting XSS issue in the Overview Page settings module allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Post Loop field. This enables the...

WBCE CMS 跨站脚本漏洞

WBCE CMS is an open source content management system CMS based on PHP and MySQL. A cross-site scripting vulnerability exists in WBCE CMS 1.5.4 and previous versions, which stems from the lack of effective filtering and escaping of user-supplied data in the Post Loop field of the Overview Page...