17 matches found

Nuclei
added yesterday · 16 views

PromoBar by BestWebSoft < 1.1.1 - Cross-Site Scripting

The promobar plugin before 1.1.1 for WordPress has multiple XSS issues.

id: CVE-2017-18529
info:
  name: PromoBar by BestWebSoft 1.1.1 - Cross-Site Scripting
  author: luisfelipe146
  severity: medium
  description: |
    The promobar plugin before 1.1.1 for WordPress has multiple XSS issues.
  impact: |...

CVSS 6.1 · AI score 6.4 · EPSS 0.00059
Exploits: 1 · References: 4

RedhatCVE
added 2026/01/09 10:35 a.m. · 5 views

CVE-2017-18529

The promobar plugin before 1.1.1 for WordPress has multiple XSS issues...

CVSS 6.1 · AI score 6.2 · EPSS 0.00059
Exploits: 1 · References: 1

NVD
added 2022/08/08 2:15 p.m. · 8 views

CVE-2022-2423

The DW Promobar WordPress plugin through 1.0.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfiltered_html capability is disallowed, for example in multisite setup...

CVSS 4.8 · EPSS 0.00314
Exploits: 2 · References: 1

ATTACKERKB
added 2022/08/08 2:15 p.m. · 2 views

CVE-2022-2423

The DW Promobar WordPress plugin through 1.0.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfiltered_html capability is disallowed, for example in multisite setup...

CVSS 4.8 · AI score 5.9 · EPSS 0.00314
Exploits: 2 · References: 2

OSV
added 2022/08/08 2:15 p.m. · 0 views

CVE-2022-2423

The DW Promobar WordPress plugin through 1.0.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfiltered_html capability is disallowed, for example in multisite setup...

CVSS 4.8 · AI score 5.8
Exploits: 0 · References: 1

Prion
added 2022/08/08 2:15 p.m. · 9 views

Cross site scripting

The DW Promobar WordPress plugin through 1.0.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfiltered_html capability is disallowed, for example in multisite setup...

CVSS 4.3 · AI score 4.8 · EPSS 0.00314
Exploits: 2 · References: 1 · Affected Software: 1

CVE
added 2022/08/08 1:50 p.m. · 58 views

CVE-2022-2423

The CVE-2022-2423 entry concerns the DW Promobar WordPress plugin (versions up to 1.0.4). Affected component: plugin settings handling that does not sanitize/escape certain settings, enabling Stored XSS. Root cause: improper sanitization/escaping when unfiltered_html is disallowed (e.g., multisit...

CVSS 4.8 · AI score 4.7 · EPSS 0.00314
Exploits: 2 · References: 1 · Affected Software: 1

Positive Technologies
added 2022/08/08 12:00 a.m. · 2 views

PT-2022-16549 · WordPress · Dw Promobar

Name of the Vulnerable Software and Affected Versions: DW Promobar WordPress plugin versions 1.0.0 through 1.0.4
Description: The issue allows high privilege users, such as admins, to perform Stored Cross-Site Scripting attacks when the unfiltered html capability is disallowed, for example in a...

CVSS 4.8 · AI score 4.6 · EPSS 0.00314
Exploits: 2 · References: 3

CNNVD
added 2022/08/08 12:00 a.m. · 1 views

WordPress plugin DW Promobar cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability exists in...

CVSS 4.8 · AI score 5 · EPSS 0.00314
Exploits: 2 · References: 2

wpexploit
added 2022/07/18 12:00 a.m. · 121 views

DW Promobar <= 1.0.4 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfiltered_html capability is disallowed, for example in multisite setup. Put the following payload in any of the plugin settings...

CVSS 4.8 · AI score 0.1 · EPSS 0.00314
Exploits: 2

Patchstack
added 2022/07/18 12:00 a.m. · 15 views

WordPress DW Promobar plugin <= 1.0.4 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting (XSS) vulnerability discovered by Vinay Varma Mudunuri, Krishna Harsha Kondaveeti in WordPress DW Promobar plugin versions <= 1.0.4. Solution: Deactivate and delete. This plugin has been closed as of July 15, 2022 and is not available for download. This closu...

CVSS 4.8 · AI score 1.1 · EPSS 0.00314
Exploits: 2 · References: 1 · Affected Software: 1

CNVD
added 2019/08/22 12:00 a.m. · 1 views

WordPress promobar plugin cross-site scripting vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. promobar is a plugin used in it to add page banners with timing features. A cross-site scripting vulnerability exists in the WordPress...

CVSS 6.1 · AI score 6.2 · EPSS 0.00059
Exploits: 1 · References: 1

OSV
added 2019/08/20 4:15 p.m. · 1 views

CVE-2017-18529

The promobar plugin before 1.1.1 for WordPress has multiple XSS issues...

CVSS 6.1 · AI score 5.8 · EPSS 0.00059
Exploits: 1 · References: 1

NVD
added 2019/08/20 4:15 p.m. · 12 views

CVE-2017-18529

The promobar plugin before 1.1.1 for WordPress has multiple XSS issues...

CVSS 6.1 · AI score 6.1 · EPSS 0.00059
Exploits: 1 · References: 1

Prion
added 2019/08/20 4:15 p.m. · 11 views

Cross site scripting

The promobar plugin before 1.1.1 for WordPress has multiple XSS issues...

CVSS 4.3 · AI score 6 · EPSS 0.00059
Exploits: 1 · References: 1 · Affected Software: 1

CVE
added 2019/08/20 3:45 p.m. · 57 views

CVE-2017-18529

The CVE-2017-18529 entry concerns the WordPress promobar plugin (before 1.1.1) with multiple XSS issues. Nuclei and vendor data confirm affected software: promobar plugin for WordPress,

CVSS 6.1 · AI score 6 · EPSS 0.00059
Exploits: 1 · References: 1 · Affected Software: 1

Cvelist
added 2019/08/20 3:45 p.m. · 15 views

CVE-2017-18529

The promobar plugin before 1.1.1 for WordPress has multiple XSS issues...

AI score 6.1 · EPSS 0.00059
Exploits: 1 · References: 1