2429 matches found
Responsive Column Widgets <= 1.2.7 - Reflected XSS
Description: The plugin does not sanitise and escape the tab parameter before outputting it back in the page, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
CVE-2023-47520
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Michael Uno (miunosoft) Responsive Column Widgets plugin <= 1.2.7 versions...
CVE-2023-47520 WordPress Responsive Column Widgets Plugin <= 1.2.7 is vulnerable to Cross Site Scripting (XSS)
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Michael Uno (miunosoft) Responsive Column Widgets plugin <= 1.2.7 versions...
CVE-2023-47520
CVE-2023-47520 : Unauth. Reflected Cross-Site Scripting (XSS) in the WordPress plugin Responsive Column Widgets (vendor: Michael Uno / miunosoft), affecting versions
WordPress Plugin responsive-column-widgets security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability exists in...
PT-2023-30481 · WordPress · Responsive Column Widgets
Name of the Vulnerable Software and Affected Versions: Responsive Column Widgets plugin versions 1.2.7 and earlier. Description: The issue is related to an Unauth. Reflected Cross-Site Scripting (XSS) vulnerability. This means that an attacker could potentially inject malicious scripts into a websit...
CVE-2023-6103 Intelbras RX 1500 SSID WiFi.html cross site scripting
A vulnerability has been found in Intelbras RX 1500 1.1.9 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /WiFi.html of the component SSID Handler. The manipulation leads to cross site scripting. The attack can be launched remotely. The exploi...
WordPress WP Responsive Recent Post Slider/Carousel Plugin <= 3.4 is vulnerable to Broken Access Control
Software: WP Responsive Recent Post Slider/Carousel; Type: Plugin; Vulnerable versions: <= 3.4; Fixed in: 3.5; OWASP Top 10: A1: Broken Access Control; Classification: Broken Access Control; CVE: CVE-2023-40200; Patch priority: Medium; CVSS severity: Medium 5.3; PSID: 9480041e2654; Credits...
CVE-2023-28499
CVE-2023-28499 affects the WordPress plugin Slide Anything – Responsive Content / HTML Slider and Carousel. Vulnerable versions:
CVE-2023-23796
Improper Neutralization of Formula Elements in a CSV File vulnerability in Muneeb Form Builder | Create Responsive Contact Forms. This issue affects Form Builder | Create Responsive Contact Forms: from n/a through 1.9.9.0...
WordPress Responsive Column Widgets Plugin <= 1.2.7 is vulnerable to Cross Site Scripting (XSS)
Software: Responsive Column Widgets; Type: Plugin; Vulnerable versions: <= 1.2.7; Fixed in: N/A; OWASP Top 10: A7: Cross-Site Scripting (XSS); Classification: Cross Site Scripting (XSS); CVE: CVE-2023-47520; Patch priority: Medium; CVSS severity: Medium 7.1; PSID: b88d78460aae; Credits: Le Ngoc A...
CVE-2023-4810
The Responsive Pricing Table WordPress plugin before 5.1.8 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed for example in multisite setup...
CVE-2023-4810 Responsive Pricing Table < 5.1.8 - Admin+ Stored Cross-Site Scripting
The Responsive Pricing Table WordPress plugin before 5.1.8 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed for example in multisite setup...
CVE-2022-46849
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Weblizar Coming Soon Page – Responsive Coming Soon & Maintenance Mode allows SQL Injection. This issue affects Coming Soon Page – Responsive Coming Soon & Maintenance Mode: from n/a through 1.5.9...
WordPress plugin Responsive Pricing Table Cross-Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site scripting vulnerability exists in the...
SQL injection
A vulnerability was found in Netentsec NS-ASG Application Security Gateway 6.3 and classified as critical. Affected by this issue is some unknown functionality of the file /protocol/firewall/uploadfirewall.php. The manipulation of the argument messagecontent leads to sql injection. The exploit ha...
pargate.se Cross Site Scripting vulnerability OBB-3763610
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
CVE-2023-5683
A vulnerability was found in Byzoro Smart S85F Management Platform up to 20231010 and classified as critical. This issue affects some unknown processing of the file /sysmanage/importconf.php. The manipulation of the argument btnfilerenew leads to os command injection. The attack may be initiated...