CVE-2026-3142 Pinterest Site Verification plugin using Meta Tag <= 1.8 - Authenticated (Subscriber+) Stored Cross-Site Scripting via 'post_var'

The Pinterest Site Verification plugin using Meta Tag plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'postvar' parameter in versions up to, and including, 1.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers,...

CVE-2026-3142 Pinterest Site Verification plugin using Meta Tag <= 1.8 - Authenticated (Subscriber+) Stored Cross-Site Scripting via 'post_var'

The Pinterest Site Verification plugin using Meta Tag plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'postvar' parameter in versions up to, and including, 1.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers,...

WordPress WordPress Pinterest Plugin - Make a Popup, User Profile, Masonry and Gallery Layout plugin <= 1.8.8 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

WordPress WordPress Pinterest Plugin - Make a Popup, User Profile, Masonry and Gallery Layout plugin = 1.8.8 - Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Peter Thaleikis in WordPress Plugin GS Pins for Pinterest versions = 1.8.8...

WordPress plugin Pinterest Verify Meta Tag 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

CVE-2017-18517

The bws-pinterest plugin before 1.0.5 for WordPress has multiple XSS issues...

CVE-2023-32593 WordPress GS Pins for Pinterest plugin <= 1.6.7 - Broken Access Control vulnerability

Missing Authorization vulnerability in GS Plugins GS Pins for Pinterest allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GS Pins for Pinterest: from n/a through 1.6.7...

CVE-2024-11453

The WordPress Pinterest Plugin – Make a Popup, User Profile, Masonry and Gallery Layout plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'gspinwidget' shortcode in all versions up to, and including, 1.8.8 due to insufficient input sanitization and output escaping...

CVE-2024-11453

The WordPress Pinterest Plugin – Make a Popup, User Profile, Masonry and Gallery Layout plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'gspinwidget' shortcode in all versions up to, and including, 1.8.8 due to insufficient input sanitization and output escaping...

PT-2024-17004 · WordPress · Wordpress Pinterest Plugin

Name of the Vulnerable Software and Affected Versions: WordPress Pinterest Plugin versions up to, and including, 1.8.8 Description: The issue is related to Stored Cross-Site Scripting via the plugin's 'gs pin widget' shortcode due to insufficient input sanitization and output escaping on...

WordPress plugin Pinterest 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A cross-site...

CVE-2024-30192

A vulnerability in GS Plugins GS Pins for Pinterest gs-pinterest-portfolio.This issue affects GS Pins for Pinterest: from n/a through = 1.8.2...

CVE-2021-4380

The Pinterest Automatic plugin for WordPress is vulnerable to authorization bypass due to missing capability checks on the 'wppinterestautomaticparserequest' function and the 'processform.php' script in versions up to, and including, 1.14.3. This makes it possible for unauthenticated attackers to...

WordPress GS Pins for Pinterest Plugin <= 1.6.2 is vulnerable to Cross Site Request Forgery (CSRF)

Software GS Pins for Pinterest Type Plugin Vulnerable versions = 1.6.2 Fixed in 1.6.3 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2022-47150 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 65fda5a4e6dc Credits István Márton...

CVE-2022-36347

Authenticated admin+ Stored Cross-Site Scripting XSS vulnerability in Alpine Press Alpine PhotoTile for Pinterest plugin = 1.3.1 at WordPress...

Cross site scripting

Authenticated admin+ Stored Cross-Site Scripting XSS vulnerability in Alpine Press Alpine PhotoTile for Pinterest plugin = 1.3.1 at WordPress...

CVE-2022-36347

CVE-2022-36347 affects WordPress via the plugin Alpine PhotoTile for Pinterest (versions ≤ 1.3.1). The root cause is inadequate sanitization/escaping of plugin settings, enabling an authenticated attacker with admin-level privileges to perform a Stored Cross-Site Scripting (XSS) attack. Impact is...

WordPress plugin Alpine Press Alpine PhotoTile for Pinterest 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

CVE-2017-18517

The bws-pinterest plugin before 1.0.5 for WordPress has multiple XSS issues...

CVE-2017-18517

The bws-pinterest plugin before 1.0.5 for WordPress has multiple XSS issues...

Cross site scripting

The bws-pinterest plugin before 1.0.5 for WordPress has multiple XSS issues...