57 matches found
CVE-2024-11196 Multi-column Tag Map <= 17.0.33 - Authenticated (Contributor+) Stored Cross-Site Scripting via mctagmap Shortcode
The Multi-column Tag Map plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's mctagmap shortcode in all versions up to, and including, 17.0.33 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
WordPress plugin Multi-column Tag Map 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists i...
CVE-2023-41651
Missing Authorization vulnerability in Multi-column Tag Map.This issue affects Multi-column Tag Map: from n/a through 17.0.26...
CVE-2023-41651 WordPress Multi-column Tag Map plugin <= 17.0.26 - Broken Access Control vulnerability
Missing Authorization vulnerability in Multi-column Tag Map.This issue affects Multi-column Tag Map: from n/a through 17.0.26...
CVE-2023-41651 WordPress Multi-column Tag Map plugin <= 17.0.26 - Broken Access Control vulnerability
Missing Authorization vulnerability in Multi-column Tag Map.This issue affects Multi-column Tag Map: from n/a through 17.0.26...
PT-2024-12950 · Unknown · Multi-Column Tag Map
Name of the Vulnerable Software and Affected Versions: Multi-column Tag Map versions n/a through 17.0.26 Description: The issue is related to a Missing Authorization vulnerability in the Multi-column Tag Map. Recommendations: For versions n/a through 17.0.26, update to a version later than 17.0.2...
WordPress plugin Multi-column Tag Map 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...
Multi-column Tag Map < 17.0.27 - Cross-Site Request Forgery
Description The Multi-column Tag Map plugin for WordPress is vulnerable to Cross-Site Request Forgery due to a missing nonce check on the scmcTagMappluginoptions function in versions up to, and including, 17.0.26. This makes it possible for unauthenticated attackers to update the plugin's setting...
WordPress Multi-column Tag Map Plugin <= 17.0.26 is vulnerable to Broken Access Control
Software Multi-column Tag Map Type Plugin Vulnerable versions = 17.0.26 Fixed in 17.0.27 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-41651 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 543c5fba661a Credits Rio Darmawan Require...
CVE-2023-23815
Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Alan Jackson Multi-column Tag Map plugin = 17.0.24 versions...
CVE-2023-23815 WordPress Multi-column Tag Map Plugin <= 17.0.24 is vulnerable to Cross Site Scripting (XSS)
Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Alan Jackson Multi-column Tag Map plugin = 17.0.24 versions...
CVE-2023-23815
CVE-2023-23815 affects the WordPress plugin WordPress Multi-column Tag Map (Alan Jackson) versions
WordPress plugin Multi-column Tag Map 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...
SUSE CVE-2011-3038
Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to multi-column handling...
Multi-column Tag Map < 17.0.25 - Contributor+ Stored XSS
The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...
WordPress Multi-column Tag Map Plugin <= 17.0.24 is vulnerable to Cross Site Scripting (XSS)
Software Multi-column Tag Map Type Plugin Vulnerable versions = 17.0.24 Fixed in 17.0.25 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-23815 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID c91cbb10a1f3 Credits István Márton...
Faraday v3.2 - Collaborative Penetration Test and Vulnerability Management Platform
Here is a list of all the goodies in Faraday v3.2: Workspace names- with numbers! With this new version, workspaces’ names are now allowed to start with numbers before they could only start with letters. Search unconfirmed vulns In this version was added the filter to be able to show unconfirmed...
Mozilla Thunderbird 17.x through 23.x Multiple Vulnerabilities
The installed version of Thunderbird is 17.x or later but prior to 24. It is, therefore, potentially affected the following vulnerabilities: - Memory issues exist in the browser engine that could allow for denial of service or arbitrary code execution. CVE-2013-1718, CVE-2013-1719 - The HTML5 Tre...
Firefox < 24.0 Multiple Vulnerabilities
The installed version of Firefox is earlier than 24.0 and is, therefore, potentially affected by the following vulnerabilities : - Memory issues exist in the browser engine that could allow for denial of service or arbitrary code execution. CVE-2013-1718, CVE-2013-1719 - The HTML5 Tree Builder do...
CVE-2013-1732
Buffer overflow in the nsFloatManager::GetFlowArea function in Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 allows remote attackers to execute arbitrary code via crafted use of lists and floats...