18 matches found
CVE-2023-45010
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Alex MacArthur Complete Open Graph plugin = 3.4.5 versions...
EUVD-2018-1389
Malware in sbrugna...
EUVD-2023-49332
Malicious code in bioql PyPI...
CVE-2024-5615
The Open Graph plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.11.2 via the 'opengraphdefaultdescription' function. This makes it possible for unauthenticated attackers to extract sensitive data including partial content of...
WordPress Open Graph plugin <= 1.11.2 - Unauthenticated Sensitive Information Exposure vulnerability
Unauthenticated Sensitive Information Exposure vulnerability discovered by Krzysztof Zając in WordPress Plugin Open Graph versions = 1.11.2...
CVE-2024-5615
The Open Graph plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.11.2 via the 'opengraphdefaultdescription' function. This makes it possible for unauthenticated attackers to extract sensitive data including partial content of...
CVE-2024-5615
The Open Graph plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.11.2 via the 'opengraphdefaultdescription' function. This makes it possible for unauthenticated attackers to extract sensitive data including partial content of...
CVE-2024-5615
The CVE-2024-5615 entry concerns the WordPress Open Graph plugin vulnerability allowing Sensitive Information Exposure via opengraph_default_description in versions up to 1.11.2. Connected Red Hat entry repeats this description; no additional technical details (e.g., patch version or concrete exp...
CVE-2024-5615 Open Graph <= 1.11.2 - Unauthenticated Sensitive Information Exposure
The Open Graph plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.11.2 via the 'opengraphdefaultdescription' function. This makes it possible for unauthenticated attackers to extract sensitive data including partial content of...
WordPress Open Graph Plugin <= 1.11.2 is vulnerable to Sensitive Data Exposure
Software Open Graph Type Plugin Vulnerable versions = 1.11.2 Fixed in 1.11.3 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2024-5615 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 6f80c0f253be Credits Krzysztof Zając Required...
WordPress plugin Open Graph security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
CVE-2023-45010
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Alex MacArthur Complete Open Graph plugin = 3.4.5 versions...
Cross site scripting
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Alex MacArthur Complete Open Graph plugin = 3.4.5 versions...
CVE-2023-45010
CVE-2023-45010 – WordPress Complete Open Graph Plugin ≤ 3.4.5 is vulnerable to admin+ Stored XSS. Root cause: insufficient input validation/escaping in plugin parameters, enabling stored XSS. Multiple connected sources (NVD, Red Hat, WP/distro feeds) confirm the vulnerability and affected version...
WordPress Plugin Complete Open Graph Cross-Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...
WordPress WP Open Graph plugin cross-site request forgery vulnerability
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WP Open Graph plugin is one of the plugins used to add Facebook metadata to web pages. A cross-site request forgery vulnerability exist...
CVE-2018-0579
Cross-site scripting vulnerability in Open Graph for Facebook, Google+ and Twitter Card Tags plugin prior to version 2.2.4.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
WordPress plugin "Open Graph for Facebook, Google+ and Twitter Card Tags" vulnerable to cross-site scripting
Overview The WordPress plugin "Open Graph for Facebook, Google+ and Twitter Card Tags" provided by Webdados contains a reflected cross-site scripting vulnerability CWE-79. Chris Liu reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warni...