CVE-2015-5484

CVE-2015-5484 is a stored XSS vulnerability in the WordPress Plotly plugin prior to 1.0.3. It allows remote authenticated users to inject arbitrary script/HTML into posts, potentially affecting other site users. Affected component: Plotly WordPress plugin; vulnerability path: XSS via post content...

CVE-2015-5484

Cross-site scripting XSS vulnerability in the Plotly plugin before 1.0.3 for WordPress allows remote authenticated users to inject arbitrary web script or HTML via a post...

WordPress wp-plotly plugin cross-site scripting vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. wp-plotly is a plugin for embedding interactive Plotly charts in pages. A cross-site scripting vulnerability exists in the WordPress...

CVE-2015-9347

The wp-plotly plugin before 1.0.3 for WordPress has XSS by authors...

Design/Logic Flaw

The wp-plotly plugin before 1.0.3 for WordPress has XSS by authors...

CVE-2015-9347

The wp-plotly WordPress plugin (versions prior to 1.0.3) is affected by a cross-site scripting (XSS) vulnerability. The issue arises from insufficient validation of client-side data in the plugin, enabling an attacker to execute client-side code. Some sources reference an authenticated stored XSS...

CVE-2015-9347

The wp-plotly plugin before 1.0.3 for WordPress has XSS by authors...

IDAsec - IDA plugin for reverse-engineering and dynamic interactions with the Binsec platform

IDA plugin for reverse-engineering and dynamic interactions with the Binsec platform Features Decoding an instruction in DBA IR Loading execution traces generated by Pinsec Triggering analyzes on Binsec and retrieving results Dependencies protobuf ZMQ capstone for trace disassembly graphviz to dr...

Cross-site Scripting

plotly-js is vulnerable to cross-site scripting XSS attacks. The vulnerability exists due the lack of URI encoding in the href field that defines the special popup attribute...

CVE-2017-1000006

Plotly, Inc. plotly.js versions prior to 1.16.0 are vulnerable to an XSS issue...

Cross site scripting

Plotly, Inc. plotly.js versions prior to 1.16.0 are vulnerable to an XSS issue...

CVE-2017-1000006

Summary: CVE-2017-1000006 affects Plotly’s plotly.js versions prior to 1.16.0, introducing a cross-site scripting (XSS) vulnerability. Component/affected software: plotly.js (Plotly, Inc.). Root cause / nature: XSS in rendering of plots; vulnerable to injection that can lead to script execution i...

CVE-2017-1000006

Plotly, Inc. plotly.js versions prior to 1.16.0 are vulnerable to an XSS issue...

WordPress Plotly Plugin HTML Injection Vulnerability

WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language , the platform supports in PHP and MySQL server set up personal blog site . Plotly is one of the plugin to the Wordpress site embedded Plotly charts . An HTML injection vulnerability exists ...

WordPress Plotly 1.0.2 Cross Site Scripting

Details ================ Software: Plotly Version: 1.0.2 Homepage: http://wordpress.org/plugins/wp-plotly/ Advisory report: https://security.dxw.com/advisories/stored-xss-in-plotly-allows-less-privileged-users-to-insert-arbitrary-javascript-into-posts/ CVE: CVE-2015-5484 CVSS: 6.5 Medium;...

Plotly <= 1.0.2 - Authenticated Stored Cross-Site Scripting (XSS)

The Plotly WordPress plugin was affected by an Authenticated Stored Cross-Site Scripting XSS security vulnerability...