PT-2023-21463 · Unknown · Mattermost

Name of the Vulnerable Software and Affected Versions: Mattermost affected versions not specified Description: The issue allows an attacker to preview code from private repositories by posting a specially crafted permalink on a channel, due to the failure to sanitize code permalinks...

Mattermost 注入漏洞

Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. Mattermost suffers from a code injection vulnerability that stems from an inability to clean up code permalinks, which can be exploited by an attacker to preview code by posting a specially crafted lin...

CVE-2023-1843

The Metform Elementor Contact Form Builder plugin for WordPress is vulnerable to unauthorized permalink structure update due to a missing capability check on the permalinksetup function in versions up to, and including, 3.3.0. This makes it possible for unauthenticated attackers to change the...

CVE-2023-1843

The Metform Elementor Contact Form Builder plugin for WordPress is vulnerable to unauthorized permalink structure update due to a missing capability check on the permalinksetup function in versions up to, and including, 3.3.0. This makes it possible for unauthenticated attackers to change the...

CVE-2023-1843

The Metform Elementor Contact Form Builder plugin for WordPress is vulnerable to unauthorized permalink structure update due to a missing capability check on the permalinksetup function in versions up to, and including, 3.3.0. This makes it possible for unauthenticated attackers to change the...

Design/Logic Flaw

The Metform Elementor Contact Form Builder plugin for WordPress is vulnerable to unauthorized permalink structure update due to a missing capability check on the permalinksetup function in versions up to, and including, 3.3.0. This makes it possible for unauthenticated attackers to change the...

CVE-2023-1843 Metform Elementor Contact Form Builder <= 3.3.0 - Missing Authorization

The Metform Elementor Contact Form Builder plugin for WordPress is vulnerable to unauthorized permalink structure update due to a missing capability check on the permalinksetup function in versions up to, and including, 3.3.0. This makes it possible for unauthenticated attackers to change the...

CVE-2023-1843 Metform Elementor Contact Form Builder <= 3.3.0 - Missing Authorization

The Metform Elementor Contact Form Builder plugin for WordPress is vulnerable to unauthorized permalink structure update due to a missing capability check on the permalinksetup function in versions up to, and including, 3.3.0. This makes it possible for unauthenticated attackers to change the...

PT-2023-17275 · WordPress · Metform Elementor Contact Form Builder

Name of the Vulnerable Software and Affected Versions: Metform Elementor Contact Form Builder plugin for WordPress versions up to, and including, 3.3.0 Description: The issue allows unauthorized updates to the permalink structure due to a missing capability check on the permalink setup function...

WordPress Plugin Metform Elementor Contact Form Builder 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

Metform Elementor Contact Form Builder < 3.3.2 - Unauthenticated Permalink Structure Update

The plugin does not properly implement capability checks on the permalinksetup function, leading to unauthorized permalink structure updates...

CVE-2022-4410

The Permalink Manager Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including 2.2.20.3 due to improper output escaping on post/page/media titles. This makes it possible for attackers to inject arbitrary web scripts on the permalink-manager page if...

CVE-2022-4410

The Permalink Manager Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including 2.2.20.3 due to improper output escaping on post/page/media titles. This makes it possible for attackers to inject arbitrary web scripts on the permalink-manager page if...

Cross site scripting

The Permalink Manager Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including 2.2.20.3 due to improper output escaping on post/page/media titles. This makes it possible for attackers to inject arbitrary web scripts on the permalink-manager page if...

CVE-2022-4410 Permalink Manager Lite <= 2.2.20.3 - Authenticated Stored Cross-Site Scripting

The Permalink Manager Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including 2.2.20.3 due to improper output escaping on post/page/media titles. This makes it possible for attackers to inject arbitrary web scripts on the permalink-manager page if...

CVE-2022-4410

The Permalink Manager Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting (XSS) through improper output escaping on post/page/media titles, affecting versions up to and including 2.2.20.3. An attacker can inject arbitrary scripts on the permalink-manager page if another plugin ...

CVE-2022-4410 Permalink Manager Lite <= 2.2.20.3 - Authenticated Stored Cross-Site Scripting

The Permalink Manager Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including 2.2.20.3 due to improper output escaping on post/page/media titles. This makes it possible for attackers to inject arbitrary web scripts on the permalink-manager page if...

WordPress plugin Permalink Manager Lite 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

PT-2022-27110 · WordPress · Permalink Manager Lite

Name of the Vulnerable Software and Affected Versions: Permalink Manager Lite plugin for WordPress versions up to, and including 2.2.20.3 Description: The issue arises from improper output escaping on post/page/media titles, allowing Stored Cross-Site Scripting attacks. This enables attackers to...

WordPress Permalink Manager Lite has an unspecified vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The platform supports the hosting of personal blogging sites on servers with PHP and MySQL. WordPress plugin is an application plugin. WordPress...