WordPress amtyThumb Posts 8.1.3 - Cross-Site Scripting

WordPress amty-thumb-recent-post plugin 8.1.3 contains a cross-site scripting vulnerability via the query string to amtyThumbPostsAdminPg.php. id: CVE-2017-17059 info: name: WordPress amtyThumb Posts 8.1.3 - Cross-Site Scripting author: daffainfo severity: medium description: WordPress...

WordPress Carousel, Recent Post Slider and Banner Slider plugin <= 2.1 - Unauthenticated Reflected Cross-Site Scripting vulnerability

Unauthenticated Reflected Cross-Site Scripting vulnerability discovered by Asaf Mozes in WordPress Plugin Spice Post Slider versions = 2.1...

WordPress WP Responsive Recent Post Slider/Carousel plugin <= 3.7.1 - Backdoor vulnerability

Backdoor vulnerability discovered by ? in WordPress Plugin WP Responsive Recent Post Slider/Carousel versions = 3.7.1...

EUVD-2023-51770

Malicious code in bioql PyPI...

CVE-2023-47671

Cross-Site Request Forgery CSRF vulnerability in Gopi Ramasamy Vertical scroll recent.This issue affects Vertical scroll recent post: from n/a through 14.0...

CVE-2022-1171

The Vertical scroll recent post WordPress plugin before 14.0 does not sanitise and escape a parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting...

CVE-2023-47671 WordPress Vertical scroll recent post Plugin <= 14.0 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in Gopi Ramasamy Vertical scroll recent.This issue affects Vertical scroll recent post: from n/a through 14.0...

WordPress WP Responsive Recent Post Slider/Carousel Plugin <= 3.4 is vulnerable to Broken Access Control

Software WP Responsive Recent Post Slider/Carousel Type Plugin Vulnerable versions = 3.4 Fixed in 3.5 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-40200 Patch priority Medium CVSS severity Medium 5.3 Developer Claim ownership PSID 9480041e2654 Credits...

WordPress Vertical scroll recent post Plugin <= 14.0 is vulnerable to Cross Site Request Forgery (CSRF)

Software Vertical scroll recent post Type Plugin Vulnerable versions = 14.0 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-47671 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID f7a96235f589 Credits LEE SE...

WordPress Plugin Carousel, Recent Post Slider and Banner Slider Cross-Site Scripting Vulnerabilities

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

CVE-2023-23862

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Gopi Ramasamy Vertical scroll recent post plugin = 14.0 versions...

CVE-2023-23862

CVE-2023-23862 corresponds to a Stored XSS in the WordPress plugin Vertical scroll recent post (by Gopi Ramasamy), affecting versions

WordPress plugin Vertical scroll recent post 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

WordPress Vertical scroll recent post Plugin <= 14.0 is vulnerable to Cross Site Scripting (XSS)

Software Vertical scroll recent post Type Plugin Vulnerable versions = 14.0 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-23862 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 4392e27a6637 Credits yuyudhn Requir...

Vertical scroll recent post <= 14.0 - Contributor+ Stored Cross-Site Scripting

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

WordPress plugin Vertical scroll recent post 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, which supports personal blogs on PHP and MySQL servers.WordPress plugin is an...

WordPress Vertical scroll recent post plugin <= 13.8 - Reflected Cross-Site Scripting (XSS) vulnerability

Reflected Cross-Site Scripting XSS vulnerability discovered by p7e4 in WordPress Vertical scroll recent post plugin versions = 13.8. Solution Update the WordPress Vertical scroll recent post plugin to the latest available version at least 14.0...

Vertical scroll recent post < 14.0 - Reflected Cross-Site Scripting

The plugin does not sanitise and escape a parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting PoC https://example.com/wp-admin/options-general.php?page=vertical-scroll-recent-post=editid=0%22%3E%3Csvg%2Fonload%3Dalert%28%2Fxss%2F%29%3E...

Vertical scroll recent post < 14.0 - Reflected Cross-Site Scripting

The plugin does not sanitise and escape a parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting https://example.com/wp-admin/options-general.php?page=vertical-scroll-recent-post&action=edit&vsrpid=0%22%3E%3Csvg%2Fonload%3Dalert%28%2Fxss%2F%29%3E...