WordPress Yoast SEO Cross-Site Scripting Vulnerability

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in WordPress Yoast SEO Plugin versions prior to 11.6-RC5, which ca...

WordPress Tribulant Slideshow Gallery plugin cross-site scripting vulnerability (CNVD-2019-30133)

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers.Tribulant Slideshow Gallery plugin is an image autoplay plugin used in it. A cross-site scripting vulnerability exists in...

PT-2019-9289 · WordPress · Wp All Import

Name of the Vulnerable Software and Affected Versions: WP All Import plugin version 3.4.9 Description: The issue concerns multiple XSS vulnerabilities. These can be accessed via the "action=template" endpoint. It's worth noting that the vendor disputes this being a vulnerability, citing that WP A...

WP Google Maps Cross-Site Scripting Vulnerability

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in the wp-admin/admin.php file in versions of the WordPress...

PT-2019-11318 · Jenkins · Jenkins Kanboard Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Kanboard Plugin versions 1.5.10 and earlier Description: A server-side request forgery issue exists that allows attackers with Overall/Read permission to submit a GET request to an attacker-specified URL, potentially leading to...

WordPress rss-feed-post-generator-echo 1.0.0 Database Disclosure

Exploit Title : WordPress rss-feed-post-generator-echo Plugins 1.0.0 Database Backup Disclosure Author Discovered By : KingSkrupellos from Cyberizm Digital Security Army Date : 03/12/2018 Vendor Homepage : wordpress.org/plugins/echo-rss-feed-post-generator-free-version/ +...

WordPress Plugin Question Answer Has Multiple Cross-Site Scripting Vulnerabilities

WordPress is a set of WordPress Software Foundation's blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. Multiple cross-site scripting vulnerabilities exist in WordPress plugin Question Answer v1.2.30, which can be exploited by...

Wordpress Arigato Autoresponder and Newsletter Cross-Site Scripting Vulnerability (CNVD-2019-29703)

WordPress is a blogging platform developed by the WordPress Software Foundation using the PHP language, which supports personal blog sites on PHP and MySQL servers.Arigato Autoresponder and Newsletter is an autoresponder plugin that is used in... A cross-site scripting vulnerability exists in the...

CloudBees Jenkins TraceTronic ECU-TEST Plugin Server-Side Request Forgery Vulnerability

CloudBees Jenkins is a suite of Java-based continuous integration tools from CloudBees, Inc. that are used to monitor ongoing software releases/testing projects and some timed tasks.TraceTronic ECU-TEST Plugin is an automated test software for embedded systems that uses... TraceTronic ECU-TEST...

CloudBees Jenkins meliora-testlab Plugin Information Disclosure Vulnerability

CloudBees Jenkins is a set of U.S. CloudBees company based on Java development of continuous integration tools , it is mainly used to monitor the continuous software version release/testing projects and some timed tasks . meliora-testlab Plugin is used in one of the results of unit tests publishe...

CloudBees Jenkins Cross-Site Scripting Vulnerability (CNVD-2018-11102)

CloudBees Jenkins is the U.S. CloudBees company's set of Java-based development of continuous integration tools , it is mainly used to monitor the continuous software version of the release/testing project and some of the timed execution of the task . Groovy Postbuild Plugin is to use one of the...

Atlassian Jira Artezio Kanban Board Plugin Cross-Site Scripting Vulnerability

Atlassian Jira is a defect tracking management system from Atlassian Australia. The system is used to track and manage all types of issues and defects in the workplace.Artezio Kanban Board plugin is one of the tools used to plan, manage, monitor and review the work of the team. A cross-site...

CVE-2018-7422

A Local File Inclusion vulnerability in the Site Editor plugin through 1.1.1 for WordPress allows remote attackers to retrieve arbitrary files via the ajaxpath parameter to editor/extensions/pagebuilder/includes/ajaxshortcodepattern.php, aka absolute path traversal...

CVE-2018-6466

A cross-site scripting XSS vulnerability in flickrRSS.php in the flickrRSS plugin 5.3.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the flickrRSSset parameter to wp-admin/options-general.php...

WordPress Soundy Background Music Plugin Cross-Site Scripting Vulnerability

WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports PHP and MySQL servers to set up a personal blog site.Soundy Background Music plugin is used in one of the background music playback plugin. A cross-site scripting...

WordPress booking-calendar plugin cross-site scripting vulnerability (CNVD-2018-01252)

WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports PHP and MySQL servers to set up a personal blog site. booking-calendar plugin is used in one of the online booking plugin. A cross-site scripting vulnerability exists ...

WordPress responsive-coming-soon-page plugin cross-site scripting vulnerability (CNVD-2018-01256)

WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language , the platform supports PHP and MySQL servers to set up a personal blog site . responsive-coming-soon-page plugin is used in one of the test system maintenance plugin . A cross-site scriptin...

CVE-2018-5654

An issue was discovered in the weblizar-pinterest-feeds plugin 1.1.1 for WordPress. XSS exists via the wp-admin/admin-ajax.php PFFREEAccessToken parameter...

WordPress tabs-responsive plugin cross-site scripting vulnerability

WordPress is the WordPress Software Foundation of a set of blogging platform developed using the PHP language, the platform supports PHP and MySQL server set up a personal blog site. tabs-responsive plugin is used in which a tab to add plug-ins. A cross-site scripting vulnerability exists in...

Wordpress Furikake plugin open to redirection vulnerability

WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports personal blog sites on PHP and MySQL servers.Furikake is used in one of the statistics plugin. An open redirect vulnerability exists in version 0.1.0 of the Wordpress...