CVE-2023-5681
A vulnerability, which was classified as critical, was found in Netentsec NS-ASG Application Security Gateway 6.3. This affects an unknown part of the file /admin/listaddrfwresourceip.php. The manipulation leads to sql injection. It is possible to initiate the attack remotely. The exploit has bee...
CVE-2023-4271
The Photospace Responsive plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘psres_button_size’ parameter in versions up to, and including, 2.1.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
CVE-2023-4271
CVE-2023-4271 affects the WordPress Photospace Responsive Gallery plugin. It is a Stored Cross-Site Scripting (XSS) vulnerability in the psres_button_size parameter, exploitable in versions up to and including 2.1.1 due to insufficient input sanitization and output escaping. Impact requires authe...
Photospace Responsive < 2.1.2 - Admin+ Stored XSS
Description: The plugin does not sanitize and escape some of its settings, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed, for example in multisite setup...
WordPress Plugin Photospace Responsive Cross-Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A security vulnerability exists in WordPres...
PT-2023-28531 · WordPress · Photospace Responsive
Name of the Vulnerable Software and Affected Versions: Photospace Responsive plugin for WordPress versions up to, and including, 2.1.1. Description: The issue is related to Stored Cross-Site Scripting via the psres_button_size parameter due to insufficient input sanitization and output escaping...
CVE-2023-45630 WordPress Responsive Image Gallery, Gallery Album Plugin <= 2.0.3 is vulnerable to Cross Site Scripting (XSS)
Unauth. Stored Cross-Site Scripting (XSS) vulnerability in wpdevart Gallery – Image and Video Gallery with Thumbnails plugin <= 2.0.3 versions...
CVE-2023-45629 WordPress Responsive Image Gallery, Gallery Album Plugin <= 2.0.3 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery (CSRF) vulnerability in wpdevart Gallery – Image and Video Gallery with Thumbnails plugin <= 2.0.3 versions...
WordPress Responsive Column Widgets Plugin <= 1.2.7 is vulnerable to Open Redirection
Software: Responsive Column Widgets; Type: Plugin; Vulnerable versions: <= 1.2.7; Fixed in: N/A; OWASP Top 10: A5: Security Misconfiguration; Classification: Open Redirection; CVE: CVE-2023-45762; Patch priority: Low; CVSS severity: Low (4.7); PSID: 59d95f8609d5; Credits: Phd; Required privilege...
WordPress Responsive Image Gallery, Gallery Album Plugin <= 2.0.3 is vulnerable to Cross Site Request Forgery (CSRF)
Software: Responsive Image Gallery, Gallery Album; Type: Plugin; Vulnerable versions: <= 2.0.3; Fixed in: N/A; OWASP Top 10: A5: Broken Access Control; Classification: Cross Site Request Forgery (CSRF); CVE: CVE-2023-45629; Patch priority: Low; CVSS severity: Low (5.4); PSID: c264401c72ac; Credi...
WordPress Responsive Image Gallery, Gallery Album Plugin <= 2.0.3 is vulnerable to Cross Site Scripting (XSS)
Software: Responsive Image Gallery, Gallery Album; Type: Plugin; Vulnerable versions: <= 2.0.3; Fixed in: N/A; OWASP Top 10: A7: Cross-Site Scripting (XSS); Classification: Cross Site Scripting (XSS); CVE: CVE-2023-45630; Patch priority: Medium; CVSS severity: Medium (7.1); PSID: 67954aa41bb6...
SQL injection
A vulnerability was found in QDocs Smart School 6.4.1. It has been classified as critical. This affects an unknown part of the file /course/filterRecords/ of the component HTTP POST Request Handler. The manipulation of the argument searchdata0title/searchdata0searchfield/searchdata0searchvalue...
Responsive Gallery Grid <= 2.3.10 - Settings Update via CSRF
Description: The plugin does not have a CSRF check in place when updating its settings, which could allow attackers to make a logged-in admin change them via a CSRF attack...
CVE-2023-5463
Summary: CVE-2023-5463 affects XINJE XDPPro up to 3.7.17a. Affected component: library cfgmgr32.dll, issue: uncontrolled search path due to a code/config issue. Impact appears local with potential for high confidentiality/integrity/availability impact as per CVSS data; exploitation has been discl...
Design/Logic Flaw
A vulnerability has been found in Delta Electronics DVP32ES2 PLC 1.48 and classified as critical. This vulnerability affects unknown code of the component Password Transmission Handler. The manipulation leads to denial of service. The exploit has been disclosed to the public and may be used...
CVE-2023-41659
Cross-Site Request Forgery (CSRF) vulnerability in Jules Colle, BDWM Responsive Gallery Grid plugin <= 2.3.10 versions...
Cross-site request forgery (CSRF)
Cross-Site Request Forgery (CSRF) vulnerability in Jules Colle, BDWM Responsive Gallery Grid plugin <= 2.3.10 versions...
CVE-2023-41659
CVE-2023-41659: WordPress plugin “Responsive Gallery Grid” (BDWM/Responsive Gallery Grid, <= 2.3.10) suffers a Cross-Site Request Forgery (CSRF) vulnerability in its settings update, allowing unauthenticated actions on affected sites. Patchstack reports a fixed release in 2.3.14; prior report...
CVE-2023-41659 WordPress Responsive Gallery Grid Plugin <= 2.3.10 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery (CSRF) vulnerability in Jules Colle, BDWM Responsive Gallery Grid plugin <= 2.3.10 versions...