WP Responsive Tabs horizontal vertical and accordion Tabs < 1.1.16 - Reflected Cross-Site Scripting
The plugin does not properly sanitize and escape the 'searchterm' parameter, leading to a Reflected Cross-Site Scripting vulnerability...
CVE-2023-2119
The Responsive Filterable Portfolio plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the searchterm parameter in versions up to, and including, 1.0.19 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...
CVE-2023-2119
CVE-2023-2119 : The WordPress plugin Responsive Filterable Portfolio (versions ≤ 1.0.19) is affected by a Reflected XSS via the search_term parameter due to insufficient input sanitization and output escaping. The vulnerability permits unauthenticated attackers to inject scripts into pages that e...
WordPress plugin Responsive Filterable Portfolio cross-site scripting vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...
Responsive FileManager 9.9.5 - Remote Code Execution Exploit
Exploit Title: Responsive FileManager 9.9.5 - Remote Code Execution (RCE). Exploit Author: Galoget Latorre (@galoget). Vendor Homepage: https://responsivefilemanager.com. Software Link: https://github.com/trippo/ResponsiveFilemanager/releases/download/v9.9.5/responsivefilemanager.zip. Dockerfile:...
CVE-2023-23870
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in wpdevart Responsive Vertical Icon Menu plugin <= 1.5.8 versions...
CVE-2023-23870
CVE-2023-23870 affects the WordPress plugin wpdevart Responsive Vertical Icon Menu (versions ≤ 1.5.8). The vulnerability is a Stored Cross-Site Scripting (XSS) that requires authentication with admin or higher privileges. The issue stems from the plugin’s handling of input in its menu/icon functi...
CVE-2022-46855
CVE-2022-46855 is a Stored Cross-Site Scripting (XSS) in the WP Darko Responsive Pricing Table plugin, affected versions ≤ 5.1.6. The root cause is insufficient sanitization/escaping of the fields.title parameter, which can allow a contributor (and higher) to inject JavaScript. The vulnerability’...
WordPress plugin Responsive Pricing Table cross-site scripting vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...
CBL Mariner 2.0 Security Update: unbound (CVE-2022-3204)
The version of unbound installed on the remote CBL Mariner 2.0 host is prior to the tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-3204 advisory. - A vulnerability named 'Non-Responsive Delegation Attack' (NRDelegation Attack) has been discovered in various...
WordPress plugin Responsive Tabs For WPBakery Page Builder cross-site scripting vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...
Medium: unbound
Issue Overview: NLnet Labs Unbound, up to and including version 1.16.1 is vulnerable to a novel type of the "ghost domain names" attack. The vulnerability works by targeting an Unbound instance. Unbound is queried for a subdomain of a rogue domain name. The rogue nameserver returns delegation...
Amazon Linux 2023 : python3-unbound, unbound, unbound-anchor (ALAS2023-2023-078)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-078 advisory. NLnet Labs Unbound, up to and including version 1.16.1 is vulnerable to a novel type of the ghost domain names attack. The vulnerability works by targeting an Unbound instance. Unbound is queri...
CVE-2023-1498
A vulnerability classified as critical has been found in code-projects Responsive Hotel Site 1.0. Affected is an unknown function of the file messages.php of the component Newsletter Log Handler. The manipulation of the argument title leads to SQL injection. It is possible to launch the attack...
SQL injection
A vulnerability classified as critical has been found in code-projects Responsive Hotel Site 1.0. Affected is an unknown function of the file messages.php of the component Newsletter Log Handler. The manipulation of the argument title leads to SQL injection. It is possible to launch the attack...
CVE-2023-1498 code-projects Responsive Hotel Site Newsletter Log messages.php SQL injection
A vulnerability classified as critical has been found in code-projects Responsive Hotel Site 1.0. Affected is an unknown function of the file messages.php of the component Newsletter Log Handler. The manipulation of the argument title leads to SQL injection. It is possible to launch the attack...
CVE-2023-1498
The CVE-2023-1498 issue affects code-projects Responsive Hotel Site 1.0, specifically the Newsletter Log Handler’s file messages.php. The vulnerability arises from manipulation of the title argument, leading to SQL injection. It can be exploited remotely, and public exploits have been disclosed. ...
Responsive Hotel Site SQL injection vulnerability
Responsive Hotel Site is a PHP-based responsive hotel website. A SQL injection vulnerability exists in code-projects Responsive Hotel Site version 1.0, which stems from a problem with a function in the file messages.php, where manipulation of the parameter title can lead to SQL injection...
PT-2023-17034 · Unknown · Code-Projects Responsive Hotel Site
Name of the Vulnerable Software and Affected Versions: code-projects Responsive Hotel Site version 1.0 Description: A critical vulnerability has been found in the Newsletter Log Handler component of the code-projects Responsive Hotel Site. The issue is related to the manipulation of the title...