74 matches found
CVE-2023-46824
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Om Ak Solutions Slick Popup: Contact Form 7 Popup Plugin plugin = 1.7.14 versions...
CVE-2012-5553
Multiple cross-site scripting XSS vulnerabilities in the OM Maximenu module 6.x-1.x before 6.x-1.44 and 7.x-1.x before 7.x-1.44 for Drupal allow remote authenticated users with the "administer OM Maximenu" permission to inject arbitrary web script or HTML via the 1 Menu Title 2 Link Title, 3 Path...
CVE-2012-6065
The OM Maximenu module 6.x-1.43 and earlier for Drupal, when the "Title has PHP" option is enabled, allows remote authenticated users with the "Administer OM Maximenu" permission to execute arbitrary PHP code via a "Link Title," a different vulnerability than CVE-2012-5553...
CVE-2024-13631
The Om Stripe WordPress plugin through 02.00.00 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
WordPress OM Stripe plugin <= 02.00.00 - Reflected XSS vulnerability
Reflected XSS vulnerability discovered by Hassan Khan Yusufzai - Splint3r7 in WordPress Plugin Om Stripe versions = 02.00.00...
CVE-2024-13631
The Om Stripe WordPress plugin through 02.00.00 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
CVE-2024-13631
The Om Stripe WordPress plugin through 02.00.00 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
CVE-2024-13631
CVE-2024-13631 affects the Om Stripe WordPress plugin (versions up to 02.00.00). The issue is a Reflected Cross-Site Scripting (XSS) caused by insufficient sanitisation/escaping of a parameter before echoing it on the page. Impact is described as potential abuse against high-privilege users such ...
CVE-2024-13631 OM Stripe <= 02.00.00 - Reflected XSS
The Om Stripe WordPress plugin through 02.00.00 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
CVE-2024-13631 OM Stripe <= 02.00.00 - Reflected XSS
The Om Stripe WordPress plugin through 02.00.00 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
WordPress plugin Om Stripe 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...
PT-2025-8678 · WordPress · Om Stripe Wordpress Plugin
Name of the Vulnerable Software and Affected Versions: Om Stripe WordPress plugin versions through 02.00.00 Description: The issue is related to a Reflected Cross-Site Scripting problem, where a parameter is not properly sanitised and escaped before being outputted back in the page. This could be...
Healthcare-Chatbot Security Vulnerability
Healthcare-Chatbot is a healthcare chatbot by Om Rajpurkar Personal Developer. A security vulnerability exists in Healthcare-Chatbot version 9b7058a and prior versions. An attacker could exploit this vulnerability to perform cross-site scripting attacks...
rusty_paseto vulnerable to private key extraction due to ed25519-dalek dependency
Impact The vulnerability, known as RUSTSEC-2022-0093, impacts the ed25519-dalek crate, which is a dependency of the rusty-paseto crate. This issue arises from a "Double Public Key Signing Function Oracle Attack" affecting versions of ed25519-dalek prior to v2.0. These versions expose an unsafe AP...
CVE-2023-46824
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Om Ak Solutions Slick Popup: Contact Form 7 Popup Plugin plugin = 1.7.14 versions...
CVE-2023-46824
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Om Ak Solutions Slick Popup: Contact Form 7 Popup Plugin plugin = 1.7.14 versions...
CVE-2023-46824
Slick Popup: Contact Form 7 Popup Plugin for WordPress (plugin
CVE-2023-46824 WordPress Slick Popup Plugin <= 1.7.14 is vulnerable to Cross Site Scripting (XSS)
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Om Ak Solutions Slick Popup: Contact Form 7 Popup Plugin plugin = 1.7.14 versions...
CVE-2023-46824 WordPress Slick Popup Plugin <= 1.7.14 is vulnerable to Cross Site Scripting (XSS)
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Om Ak Solutions Slick Popup: Contact Form 7 Popup Plugin plugin = 1.7.14 versions...
om-trader.com Cross Site Scripting vulnerability OBB-3367930
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...