2429 matches found
CVE-2024-1664 Responsive Gallery Grid < 2.3.11 - Admin+ Stored XSS
The Responsive Gallery Grid WordPress plugin before 2.3.11 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed, for example in multisite setup...
Responsive Tabs < 4.0.7 - Authenticated (Contributor+) Stored Cross-Site Scripting
Description The Responsive Tabs plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the tabscolor value in all versions up to, and including, 4.0.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...
WordPress Plugin Responsive Gallery Grid Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability exists in...
PT-2024-18209 · WordPress · Responsive Gallery Grid
Name of the Vulnerable Software and Affected Versions: Responsive Gallery Grid WordPress plugin versions prior to 2.3.11 Description: The issue allows high privilege users, such as admins, to perform Stored Cross-Site Scripting attacks, even when the unfiltered_html capability is disallowed, for...
Responsive flipbook <= 1.0.0 - Authenticated (Contributor+) Stored Cross-Site Scripting
Description The Responsive flipbook plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 1.0.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to...
transformativetech.org Cross Site Scripting vulnerability OBB-3897806
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Creative Image Slider – Responsive Slider Plugin < 2.5.0 - Reflected Cross-Site Scripting
Description The Creative Image Slider – Responsive Slider Plugin plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in all versions up to, and including, 2.1.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to...
CVE-2024-3202
A vulnerability, which was classified as problematic, has been found in codelyfe Stupid Simple CMS 1.2.4. This issue affects some unknown processing of the component Login Page. The manipulation leads to improper restriction of excessive authentication attempts. The attack may be initiated...
WordPress Responsive theme <= 5.0.2 - Missing Authorization to HTML Injection vulnerability
Missing Authorization to HTML Injection vulnerability discovered by Krzysztof Zając - CERT PL, Muhammad Zeeshan Xib3rR4dAr in WordPress Theme Responsive versions <= 5.0.2...
VulnCheck KEV: CVE-2024-2848
The Responsive theme for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the savefootertextcallback function in all versions up to, and including, 5.0.2. This makes it possible for unauthenticated attackers to inject arbitrary HTML content into...
CVE-2024-30550
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in wpdevart Responsive Image Gallery, Gallery Album allows Reflected XSS. This issue affects Responsive Image Gallery, Gallery Album: from n/a through 2.0.3...
CVE-2024-30552
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in wppdf.Org Responsive flipbook allows Stored XSS. This issue affects Responsive flipbook: from n/a through 1.0.0...
CVE-2024-30550
CVE-2024-30550 refers to an XSS vulnerability in wpdevart’s Responsive Image Gallery / Gallery Album. The issue is described as Reflected Cross-Site Scripting due to improper input neutralization during web page generation, affecting Gallery Album versions from n/a through 2.0.3. Connected source...
CVE-2024-30552
Technical details for CVE-2024-30552 are not provided in the supplied documents. Monitor for updates on affected products/versions and remediation.
CVE-2024-31120
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in wpdevart Responsive Image Gallery, Gallery Album allows Stored XSS. This issue affects Responsive Image Gallery, Gallery Album: from n/a through 2.0.3...
WordPress Plugin Responsive flipbook Cross-Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. WordPress Plugin Responsive flipbook A...
PT-2024-23482 · Unknown · Wppdf.Org Responsive Flipbook
Name of the Vulnerable Software and Affected Versions: wppdf.Org Responsive flipbook versions 1.0.0 and earlier Description: The issue is related to improper neutralization of input during web page generation, which leads to a Stored Cross-site Scripting (XSS) vulnerability. This allows for the...
CVE-2024-30447
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Creative Solutions Creative Image Slider – Responsive Slider Plugin allows Reflected XSS. This issue affects Creative Image Slider – Responsive Slider Plugin: from n/a through 2.1.3...