10 matches found
EUVD-2021-11257
Malware in sbrugna...
CVE-2021-24789
The Flat Preloader WordPress plugin before 1.5.5 does not escape some of its settings when outputting them in attribute in the frontend, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml is disallowed...
CVE-2024-56022
CVE-2024-56022: Reflected Cross-Site Scripting in Preloader by WordPress Monsters (WordPress Monsters Preloader). The vulnerability arises from improper input neutralization during web page generation, enabling reflected XSS. Affected product: Preloader by WordPress Monsters; affected versions: f...
WordPress plugin Preloader by WordPress Monsters 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site scripting vulnerability exists in...
WordPress Preloader for Website Plugin <= 1.2.2 is vulnerable to Broken Access Control
Software Preloader for Website Type Plugin Vulnerable versions = 1.2.2 Fixed in 1.3 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-48273 Patch priority Medium CVSS severity Medium 5.3 Developer Claim ownership PSID d41468183f67 Credits Nguyen Xuan Chien...
CVE-2023-23675
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Catchsquare WP Smart Preloader plugin = 1.15 versions...
CVE-2023-23675
CVE-2023-23675 relates to a stored XSS vulnerability in the WordPress plugin WP Smart Preloader (Catchsquare) for versions
CVE-2023-23675 WordPress WP Smart Preloader Plugin <= 1.15 is vulnerable to Cross Site Scripting (XSS)
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Catchsquare WP Smart Preloader plugin = 1.15 versions...
WordPress 跨站脚本漏洞
WordPress is a set of blogging platforms developed by the WordPress Foundation using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers. WordPress Flat Preloader Plugin in versions prior to 1.5.5 has a cross-site scripting vulnerability that stems from...
WordPress Easy Preloader plugin <= 1.0.0 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability
Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Kishore Hariram in WordPress Easy Preloader plugin versions = 1.0.0. Solution This plugin has been closed as of May 4, 2021 and is not available for download. This closure is temporary, pending a full review...