WordPress Plugin Responsive Lightbox & Gallery Cross-Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...
PT-2023-31092 · Unknown · Dfactory Responsive Lightbox & Gallery
Name of the Vulnerable Software and Affected Versions: dFactory Responsive Lightbox & Gallery versions 2.4.5 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means that a...
Command injection
A vulnerability was found in Totolink X5000R 9.1.0cu.2300B20230112. It has been rated as critical. This issue affects the function...
CVE-2023-6612 Totolink X5000R cstecgi.cgi setWizardCfg os command injection
A vulnerability was found in Totolink X5000R 9.1.0cu.2300B20230112. It has been rated as critical. This issue affects the function...
SQL injection
A vulnerability has been found in Tongda OA 2017 up to 11.10 and classified as critical. Affected by this vulnerability is an unknown functionality of the file general/wiki/cp/manage/delete.php. The manipulation of the argument TERMIDSTR leads to SQL injection. The exploit has been disclosed to t...
SQL injection
A vulnerability has been found in D-Link DAR-7000 up to 20231126 and classified as critical. This vulnerability affects unknown code of the file /user/inc/workidajax.php. The manipulation of the argument id leads to SQL injection. The exploit has been disclosed to the public and may be used...
SQL injection
A vulnerability was found in Beijing Baichuo S210 up to 20231121. It has been classified as critical. This affects an unknown part of the file /Tool/repair.php of the component HTTP POST Request Handler. The manipulation of the argument txt leads to SQL injection. It is possible to initiate the...
CVE-2023-45762
URL Redirection to Untrusted Site 'Open Redirect' vulnerability in Michael Uno miunosoft Responsive Column Widgets. This issue affects Responsive Column Widgets: from n/a through 1.2.7...
Open redirect
URL Redirection to Untrusted Site 'Open Redirect' vulnerability in Michael Uno miunosoft Responsive Column Widgets. This issue affects Responsive Column Widgets: from n/a through 1.2.7...
CVE-2023-45762
CVE-2023-45762 is an Open Redirect vulnerability in the WordPress plugin Responsive Column Widgets (versions
PT-2023-29677 · Unknown · Responsive Column Widgets
Name of the Vulnerable Software and Affected Versions: Responsive Column Widgets versions 1.2.7 and earlier Description: The issue is related to a URL Redirection to Untrusted Site, also known as an 'Open Redirect' vulnerability. This vulnerability allows an attacker to redirect users to untruste...
WordPress Plugin Responsive Column Widgets Input Validation Error Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. An input validation error...
Responsive Lightbox < 2.4.6 - Authenticated (Author+) Stored Cross-Site Scripting via name
Description The Responsive Lightbox plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘name’ parameter in versions up to, and including, 2.4.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with author-level...
CVE-2023-38400
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Kriesi Enfold - Responsive Multi-Purpose Theme allows Reflected XSS. This issue affects Enfold - Responsive Multi-Purpose Theme: from n/a through 5.6.4...
CVE-2023-38400
CVE-2023-38400 affects Enfold - Responsive Multi-Purpose Theme (WordPress) up to version 5.6.4. The issue is a Reflected Cross-Site Scripting (XSS) caused by improper neutralization of input during web page generation. Exploitation details are not provided in the supplied documents, but Patchstac...
WordPress Responsive Lightbox Plugin <= 2.4.5 is vulnerable to Cross Site Scripting (XSS)
Software: Responsive Lightbox; Type: Plugin; Vulnerable versions: <= 2.4.5; Fixed in: 2.4.6; OWASP Top 10: A3: Injection; Classification: Cross Site Scripting (XSS); CVE: CVE-2023-49174; Patch priority: High; CVSS severity: High (5.9); PSID: 96d318dd5de5; Credits: emad; Required privilege: Author...
CVE-2023-6308
A vulnerability, which was classified as critical, has been found in Xiamen Four-Faith Video Surveillance Management System 2016/2017. Affected by this issue is some unknown functionality of the component Apache Struts. The manipulation leads to unrestricted upload. The attack may be launched...
CVE-2023-6274
A vulnerability was found in Byzoro Smart S80 up to 20231108. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /sysmanage/updatelib.php of the component PHP File Handler. The manipulation of the argument fileupload leads to unrestricted...
Responsive Column Widgets <= 1.2.7 - Open Redirect via responsive_column_widgets_link
Description The Responsive Column Widgets plugin for WordPress is vulnerable to Open Redirect in versions up to, and including, 1.2.7. This is due to insufficient validation on the redirect URL supplied via the responsive_column_widgets_link parameter. This makes it possible for unauthenticated...