WordPress Image Gallery plugin <= 1.4.5 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Steven Julian Patchstack Alliance in WordPress Plugin Image Gallery – Lightbox Gallery, Responsive Photo Gallery, Masonry Gallery versions = 1.4.5...

WP Mobile Menu – The Mobile-Friendly Responsive Menu < 2.8.4.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Image Alt

Description The WP Mobile Menu – The Mobile-Friendly Responsive Menu plugin for WordPress is vulnerable to Stored Cross-Site Scripting via image alt text in all versions up to, and including, 2.8.4.2 due to insufficient input sanitization and output escaping. This makes it possible for...

WordPress Responsive Image Gallery, Gallery Album Plugin <= 2.0.3 is vulnerable to SQL Injection

Software Responsive Image Gallery, Gallery Album Type Plugin Vulnerable versions = 2.0.3 Fixed in N/A OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2024-35750 Patch priority Low CVSS severity Low 8.5 Developer Claim ownership PSID 7022b0228c38 Credits LVT-tholv2k Required...

CVE-2024-5653

A vulnerability, which was classified as critical, has been found in Chanjet Smooth T+system 3.5. This issue affects some unknown processing of the file /tplus/UFAQD/keyEdit.aspx. The manipulation of the argument KeyID leads to sql injection. The attack may be initiated remotely. The exploit has...

CVE-2024-5222

The Responsive Addons – Starter Templates, Advanced Features and Customizer Settings for Responsive Theme. plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's file uploader in all versions up to, and including, 3.0.5 due to insufficient input sanitization and output...

CVE-2024-5222

The Responsive Addons – Starter Templates, Advanced Features and Customizer Settings for Responsive Theme. plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's file uploader in all versions up to, and including, 3.0.5 due to insufficient input sanitization and output...

WordPress Responsive Addons plugin <= 3.0.5 - Authenticated (Author+) Stored Cross-Site Scripting vulnerability

Authenticated Author+ Stored Cross-Site Scripting vulnerability discovered by wesley wcraft in WordPress Plugin Responsive Plus versions = 3.0.5...

WordPress Gutenberg & Elementor Templates Importer For Responsive Plugin <= 3.0.5 is vulnerable to Cross Site Scripting (XSS)

Software Gutenberg & Elementor Templates Importer For Responsive Type Plugin Vulnerable versions = 3.0.5 Fixed in 3.0.6 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-5222 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID...

WordPress plugin Responsive Addons 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

CVE-2024-35654

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in CyberChimps Responsive allows Stored XSS.This issue affects Responsive: from n/a through 5.0.3...

CVE-2023-49852

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Vsourz Digital Responsive Slick Slider WordPress allows Code Injection.This issue affects Responsive Slick Slider WordPress: from n/a through 1.4...

CVE-2023-49852 WordPress Responsive Slick Slider WordPress plugin <= 1.4 - Content Injection vulnerability

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Vsourz Digital Responsive Slick Slider WordPress allows Code Injection.This issue affects Responsive Slick Slider WordPress: from n/a through 1.4...

CVE-2023-45635

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in WP Darko Responsive Tabs allows Code Injection.This issue affects Responsive Tabs: from n/a before 4.0.6...

CVE-2023-45635 WordPress Responsive Tabs plugin < 4.0.6 - HTML Content Injection vulnerability

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in WP Darko Responsive Tabs allows Code Injection.This issue affects Responsive Tabs: from n/a before 4.0.6...

CVE-2023-45635 WordPress Responsive Tabs plugin < 4.0.6 - HTML Content Injection vulnerability

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in WP Darko Responsive Tabs allows Code Injection.This issue affects Responsive Tabs: from n/a before 4.0.6...

Responsive Addons – Starter Templates, Advanced Features and Customizer Settings for Responsive Theme. < 3.0.6 - Authenticated (Author+) Stored Cross-Site Scripting

Description The Responsive Addons – Starter Templates, Advanced Features and Customizer Settings for Responsive Theme. plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's file uploader in all versions up to, and including, 3.0.5 due to insufficient input sanitizatio...

CVE-2024-0336 Improper Access Control in EMTA Grups PDKS

Missing Authentication for Critical Function vulnerability in EMTA Grup PDKS allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects PDKS: from V3.04 before 20240603. NOTE: The vendor was contacted early about this disclosure but did not respond in any way...

WordPress Responsive theme <= 5.0.3 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by stealthcopter Patchstack Alliance in WordPress Theme Responsive versions = 5.0.3...

CVE-2024-5589

A vulnerability was found in Netentsec NS-ASG Application Security Gateway 6.3. It has been classified as critical. This affects an unknown part of the file /admin/configMT.php?action=delete. The manipulation of the argument Mid leads to sql injection. It is possible to initiate the attack...

WordPress Responsive Theme <= 5.0.3 is vulnerable to Cross Site Scripting (XSS)

Software Responsive Type Theme Vulnerable versions = 5.0.3 Fixed in 5.0.3.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-35654 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID c102ae479f0d Credits stealthcopter Required privilege Contribut...