WordPress plugin Order Your Posts Manually 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...

CVE-2023-31218

Cross-Site Request Forgery CSRF leading to Stored Cross-Site Scripting XSS vulnerability in realmag777 WOLF – WordPress Posts Bulk Editor and Manager Professional plugin = 1.0.6 versions...

WordPress Schedule Posts Calendar Plugin <= 5.2 is vulnerable to Cross Site Scripting (XSS)

Software Schedule Posts Calendar Type Plugin Vulnerable versions = 5.2 Fixed in 5.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-40560 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID c1fc3aefabc0 Credits Rio Darmawan Requir...

WordPress Schedule Posts Calendar Plugin <= 5.2 is vulnerable to Cross Site Request Forgery (CSRF)

Software Schedule Posts Calendar Type Plugin Vulnerable versions = 5.2 Fixed in 5.3 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-40556 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID a1a078a12ea5 Credits Nguyen Xuan Chi...

CVE-2023-4308

The User Submitted Posts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘user-submitted-content’ parameter in versions up to, and including, 20230809 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inje...

Cross site scripting

The User Submitted Posts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘user-submitted-content’ parameter in versions up to, and including, 20230809 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inje...

CVE-2023-4308 User Submitted Posts <= 20230809 - Unauthenticated Stored Cross-Site Scripting via 'user-submitted-content'

The User Submitted Posts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘user-submitted-content’ parameter in versions up to, and including, 20230809 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inje...

CVE-2023-4308 User Submitted Posts <= 20230809 - Unauthenticated Stored Cross-Site Scripting via 'user-submitted-content'

The User Submitted Posts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘user-submitted-content’ parameter in versions up to, and including, 20230809 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inje...

WordPress User Submitted Posts Plugin <= 20230809 is vulnerable to Cross Site Scripting (XSS)

Software User Submitted Posts Type Plugin Vulnerable versions = 20230809 Fixed in 20230811 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-4308 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 7067f0962238 Credits NGÔ THI...

WordPress Plugin User Submitted Posts Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A cross-site scripting vulnerability exists in WordPress...

CVE-2023-23826

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Arsham Mirshah Add Posts to Pages plugin = 1.4.1 versions...

CVE-2023-23826

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Arsham Mirshah Add Posts to Pages plugin = 1.4.1 versions...

Cross site scripting

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Arsham Mirshah Add Posts to Pages plugin = 1.4.1 versions...

CVE-2023-23826

CVE-2023-23826 corresponds to a Stored Cross-Site Scripting (XSS) vulnerability in the WordPress plugin Add Posts to Pages, affected

CVE-2023-23826 WordPress Add Posts to Pages Plugin <= 1.4.1 is vulnerable to Cross Site Scripting (XSS)

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Arsham Mirshah Add Posts to Pages plugin = 1.4.1 versions...

WordPress plugin add-posts-to-pages cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...

WordPress plugin wp-category-posts-list cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

WordPress Ultimate Posts Widget Plugin <= 2.2.4 is vulnerable to Broken Access Control

Software Ultimate Posts Widget Type Plugin Vulnerable versions = 2.2.4 Fixed in 2.2.5 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-0958 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 65c113fe970b Credits WordFence Required...

WordPress Ultimate Posts Widget Plugin <= 2.2.4 is vulnerable to Cross Site Request Forgery (CSRF)

Software Ultimate Posts Widget Type Plugin Vulnerable versions = 2.2.4 Fixed in 2.2.5 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-3977 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID ecda45839866 Credits WordFence...

Discourse 安全漏洞

Discourse is an open source community discussion platform. The platform includes features such as communities, email and chat rooms. Discourse suffers from a security vulnerability that stems from the ability of a malicious user to edit posts in a thread and trigger a DoS with a carefully crafted...