RHSA-2014:1051 Red Hat Security Advisory: flash-plugin security update
Bulletin has no description...
RHSA-2014:0860 Red Hat Security Advisory: flash-plugin security update
Bulletin has no description...
RHSA-2014:1648 Red Hat Security Advisory: flash-plugin security update
Bulletin has no description...
RHSA-2013:1818 Red Hat Security Advisory: flash-plugin security update
Bulletin has no description...
RHSA-2012:0144 Red Hat Security Advisory: flash-plugin security update
Bulletin has no description...
RHSA-2013:0149 Red Hat Security Advisory: flash-plugin security update
Bulletin has no description...
RHSA-2011:1333 Red Hat Security Advisory: flash-plugin security update
Bulletin has no description...
RHSA-2011:0372 Red Hat Security Advisory: flash-plugin security update
Bulletin has no description...
RHSA-2009:1188 Red Hat Security Advisory: flash-plugin security update
Bulletin has no description...
RHSA-2008:0945 Red Hat Security Advisory: flash-plugin security update
Bulletin has no description...
PT-2024-36308 · WordPress · The Photo Gallery
Name of the Vulnerable Software and Affected Versions: The Photo Gallery, Sliders, Proofing and WordPress plugin versions prior to 3.59.3 Description: The issue allows high privilege users, such as admins, to perform Stored Cross-Site Scripting attacks. This can occur even when the unfiltered htm...
PT-2024-34106 · WordPress · CM WordPress Search/Replace Plugin
Name of the Vulnerable Software and Affected Versions: CM WordPress Search And Replace Plugin versions prior to 1.3.9 Description: The issue concerns the lack of CSRF checks in certain areas of the plugin, which could allow attackers to make logged-in users perform unwanted actions via CSRF...
PT-2024-37548 · WordPress · Easy Table Of Contents
Name of the Vulnerable Software and Affected Versions: Easy Table of Contents WordPress plugin versions prior to 2.0.67.1 Description: The issue allows high privilege users, such as editors, to perform Cross-Site Scripting attacks, even when unfiltered html is disallowed, due to the plugin not...
PT-2024-36580 · WordPress · Easy Table Of Contents
Name of the Vulnerable Software and Affected Versions: Easy Table of Contents WordPress plugin versions prior to 2.0.66 Description: The issue allows high privilege users, such as editors, to perform Cross-Site Scripting attacks. This is possible because the plugin does not properly sanitise and...
PT-2024-36344 · WordPress · PayPal Pay Now
Name of the Vulnerable Software and Affected Versions: PayPal Pay Now, Buy Now, Donation and Cart Buttons Shortcode WordPress plugin versions 1.7 and earlier Description: The issue concerns the PayPal Pay Now, Buy Now, Donation and Cart Buttons Shortcode WordPress plugin, which does not properly...
PT-2024-36413 · WordPress · Responsive Video Embed
Name of the Vulnerable Software and Affected Versions: Responsive video embed WordPress plugin versions prior to 0.5.1 Description: The issue is related to the lack of validation and escaping of some shortcode attributes in the Responsive video embed WordPress plugin. This could allow users with...
PT-2024-21600 · WordPress · Socialdriver-Framework
Name of the Vulnerable Software and Affected Versions: socialdriver-framework WordPress plugin versions prior to 2024.0.0 Description: The issue arises from the socialdriver-framework WordPress plugin not validating and escaping some of its shortcode attributes before outputting them back in the...
PT-2024-25848 · WordPress · Scribit GDPR Compliance
Name of the Vulnerable Software and Affected Versions: Scribit GDPR Compliance versions 1.2.5 and earlier Description: The issue is related to exposure of sensitive information to an unauthorized actor due to improper access control. This affects the Scribit GDPR Compliance plugin on WordPress...
Shortcodes Ultimate < 7.1.2 - Contributor+ Stored XSS
Description: The plugin does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin. PoC: Add the following shortcode to a post: sulightbox src='123"onmouseover="alert1"'Cli...
PT-2024-20238 · WordPress · Better Comments
Name of the Vulnerable Software and Affected Versions: Better Comments WordPress plugin versions prior to 1.5.6 Description: The issue allows high privilege users, such as admins, to perform Stored Cross-Site Scripting attacks, even when the unfiltered html capability is disallowed, for example, ...