CVE-2024-13493

The Sensly Online Presence WordPress plugin through 0.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2024-13493

The Sensly Online Presence WordPress plugin through 0.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

PT-2023-2278 · Coredial · Sipxcom

Name of the Vulnerable Software and Affected Versions: CoreDial sipXcom versions up to and including 21.04 Description: The issue is related to Improper Neutralization of Argument Delimiters in a Command, allowing XMPP users to inject arbitrary arguments into a system command. This can be used to...

WordPress Human Presence plugin <= 2.0.8 - Unauthenticated Reflected Cross-Site Scripting (XSS) vulnerability

Unauthenticated Reflected Cross-Site Scripting XSS vulnerability found by Ricardo Sanchez in WordPress Human Presence plugin versions = 2.0.8. Solution 11 September 2019 - we were unable to find a patched version of this plugin...