2426 matches found

WPVulnDB | added 2022/01/26 12:00 a.m. | 15 views

WP Responsive Menu < 3.1.7.1 - Subscriber+ Settings Update to Stored XSS

The plugin does not have capability and CSRF checks in the wprliveupdate AJAX action, and does not sanitise and escape some of the data submitted. As a result, any authenticated user, such as a subscriber, could update the plugin's settings and perform Cross-Site Scripting attacks against all visito...

CVSS 5.4 | AI score 0.1 | EPSS 0.00591
Exploits: 2 | Affected Software: 1
Patchstack | added 2022/01/26 12:00 a.m. | 27 views

WordPress WP Responsive Menu plugin <= 3.1.7 - Subscriber+ Settings Update to Stored Cross-Site Scripting (XSS)

Subscriber+ Settings Update to Stored Cross-Site Scripting (XSS), discovered by Krzysztof Zając in WordPress WP Responsive Menu plugin versions <= 3.1.7. Solution: update the WordPress WP Responsive Menu plugin to the latest available version, at least 3.1.7.1...

CVSS 5.4 | AI score 2.3 | EPSS 0.00591
Exploits: 2 | References: 3 | Affected Software: 1
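The two WP Responsive Menu entries above describe one defect class: a wp_ajax_* handler that checks neither a nonce (CSRF) nor a capability, stores whatever a logged-in user submits, and later prints it unescaped. The block below is an added illustration written for this listing, not the plugin's own code. The action name example_menu_save, the option names and the request fields are hypothetical; the WordPress functions it calls (add_action, check_ajax_referer, current_user_can, wp_unslash, sanitize_text_field, absint, update_option, get_option, esc_attr, esc_html, wp_send_json_error, wp_send_json_success) are the real APIs and need a WordPress runtime.

```php
<?php
// Added illustration, not WP Responsive Menu code. Hook name, option names
// and field names are hypothetical; the WordPress functions are real.

// --- Vulnerable shape: every logged-in user can reach wp_ajax_* hooks. ---
// Nothing asks who is calling (capability), whether the request was intended
// (nonce) or what the value contains (sanitisation). A subscriber can store a
// "><script>...</script> string that is later echoed to every visitor.
add_action( 'wp_ajax_example_menu_save', 'example_menu_save_vulnerable' );
function example_menu_save_vulnerable() {
    update_option( 'example_menu_label', $_POST['label'] ); // raw input, stored site-wide
    wp_die();
}

// --- Hardened handler: intent (nonce), authority (capability), content. ---
add_action( 'wp_ajax_example_menu_save_safe', 'example_menu_save_safe' );
function example_menu_save_safe() {
    // 1. CSRF: the nonce ties this request to a page the user actually loaded.
    //    On failure check_ajax_referer() dies with a 403 (third arg defaults to true).
    check_ajax_referer( 'example_menu_save', 'nonce' );

    // 2. Authorisation: changing settings is an admin capability, not "is logged in".
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_send_json_error( 'insufficient privileges', 403 );
    }

    // 3. Input: sanitise on the way in, with a sanitiser that matches the field type.
    $label = isset( $_POST['label'] ) ? sanitize_text_field( wp_unslash( $_POST['label'] ) ) : '';
    $width = isset( $_POST['width'] ) ? absint( $_POST['width'] ) : 0; // numeric setting: integers only

    update_option( 'example_menu_label', $label );
    update_option( 'example_menu_width', $width );
    wp_send_json_success();
}

// 4. Output: escape for the context the value lands in, every time it is printed.
//    Input sanitisation is not a substitute; output escaping is what still stops
//    stored XSS when an old, unsanitised value is already sitting in the database.
function example_menu_render() {
    $label = get_option( 'example_menu_label', '' );
    $width = (int) get_option( 'example_menu_width', 0 );
    printf(
        '<button class="example-menu" data-width="%d" aria-label="%s">%s</button>',
        $width,
        esc_attr( $label ),  // attribute context
        esc_html( $label )   // text-node context
    );
}

// The admin-side script must send the matching nonce, created with
// wp_create_nonce( 'example_menu_save' ) and handed to JavaScript via wp_localize_script().
```

The three checks are independent and all three are needed: the nonce alone does not stop a malicious subscriber who can load the page and obtain one, the capability check alone does not stop an admin being CSRF'd, and neither stops a stored payload unless the value is escaped where it is printed.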
Drupal | added 2022/01/25 12:00 a.m. | 14 views

Business Responsive Theme - Critical - Unsupported - SA-CONTRIB-2022-013

The security team is marking this project unsupported. There is a known security issue with the project that has not been fixed by the maintainer. If you would like to maintain this project, please read: https://www.drupal.org/node/251466procedure---own-project---unsupported...

AI score 6.6
Exploits: 0 | References: 2
Kitploit | added 2022/01/14 11:30 a.m. | 32 views

Raven - Advanced Cyber Threat Map (Simplified, Customizable, Responsive)

Raven - Advanced Cyber Threat Map: simplified, customizable and responsive. It uses D3.js with TopoJSON, covers 247 countries and 100,000 cities, and can be used in an isolated environment without external lookups. Live demo: https://qeeqbox.github.io/raven/ Offline demo. Features: uses D3.js; not...

AI score 7.1
Exploits: 0 | References: 2
wpexploit | added 2021/11/23 12:00 a.m. | 60 views

HTML5 Responsive FAQ <= 2.8.5 - Admin+ Stored Cross-Site Scripting

The plugin does not properly sanitise and escape some of its settings, which could allow high-privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed. Put the following payload in the "Text size of answer in pixels" setting: alert'XSS'; The XSS will be...

CVSS 4.8 | AI score 4.8 | EPSS 0.00588
Exploits: 2
Patchstack | added 2021/11/23 12:00 a.m. | 24 views

WordPress HTML5 Responsive FAQ plugin <= 2.8.5 - Stored Cross-Site Scripting (XSS) vulnerability

Stored Cross-Site Scripting (XSS) vulnerability discovered by José Aguilera in WordPress HTML5 Responsive FAQ plugin versions <= 2.8.5. Solution: deactivate and delete. This plugin has been closed as of November 23, 2021 and is not available for download. Reason: Security Issue...

CVSS 4.8 | AI score 2.5 | EPSS 0.00588
Exploits: 2 | References: 3 | Affected Software: 1
Tenable Nessus | added 2021/10/27 12:00 a.m. | 41 views

NewStart CGSL MAIN 6.02 : firefox Multiple Vulnerabilities (NS-SA-2021-0131)

The remote NewStart CGSL host, running version MAIN 6.02, has firefox packages installed that are affected by multiple vulnerabilities: - Further techniques that built on the slipstream research combined with a malicious webpage could have exposed both an internal network's hosts as well as...

CVSS 8.8 | AI score 8.4 | EPSS 0.01764
Exploits: 1 | References: 17
CNNVD | added 2021/10/25 12:00 a.m. | 4 views

WordPress Cross-Site Scripting Vulnerability

WordPress is a blogging platform developed in PHP by the WordPress Foundation. It supports setting up personal blog sites on servers running PHP and MySQL. A cross-site scripting vulnerability exists in the WordPress plugin Responsive WordPress Slider prio...

CVSS 5.4 | AI score 5.5 | EPSS 0.006
Exploits: 2 | References: 2
OSV | added 2021/09/20 10:15 a.m. | 1 view

CVE-2021-24398

The Add new scene functionality in the Responsive 3D Slider WordPress plugin through 1.2 uses an id parameter which is not sanitised, escaped or validated before being inserted into a SQL statement, leading to SQL injection. This is a time-based SQLi, and in the same function the vulnerable parameter is...

CVSS 7.2 | AI score 5.9 | EPSS 0.01467
Exploits: 2 | References: 2
Prion | added 2021/09/20 10:15 a.m. | 14 views

SQL injection

The Add new scene functionality in the Responsive 3D Slider WordPress plugin through 1.2 uses an id parameter which is not sanitised, escaped or validated before being inserted into a SQL statement, leading to SQL injection. This is a time-based SQLi, and in the same function the vulnerable parameter is...

CVSS 6.5 | AI score 7.3 | EPSS 0.01467
Exploits: 2 | References: 2 | Affected Software: 1
CNNVD | added 2021/09/20 12:00 a.m. | 2 views

WordPress SQL Injection Vulnerability

WordPress is a blogging platform developed in PHP by the WordPress Foundation. It supports setting up personal blog sites on servers running PHP and MySQL. A SQL injection vulnerability exists in the Responsive 3D Slider WordPress plugin 1.2 and prior...

CVSS 7.2 | AI score 7.3 | EPSS 0.01467
Exploits: 2 | References: 3
CNVD | added 2021/09/16 12:00 a.m. | 16 views

MetInfo Cross-Site Request Forgery Vulnerability (CNVD-2021-99308)

MetInfo is built on a PHP + MySQL architecture and is an SEO-friendly, full-featured, multi-language, responsive CMS well suited to building enterprise and company websites. MetInfo version 7.0.0 has a cross-site request forgery vulnerability. An attacker can use the admin/?n=admin...

CVSS 8.8 | AI score 3.2 | EPSS 0.00612
Exploits: 1 | References: 1
CNVD | added 2021/09/16 12:00 a.m. | 12 views

MetInfo SQL Injection Vulnerability (CNVD-2021-74293)

MetInfo is built on a PHP + MySQL architecture and is an SEO-friendly, full-featured, multi-language, responsive CMS well suited to building enterprise and company websites. MetInfo version 7.0.0 has a SQL injection vulnerability, ...

CVSS 9.8 | AI score 9.9 | EPSS 0.01575
Exploits: 1 | References: 1
BDU FSTEC | added 2021/09/15 12:00 a.m. | 4 views

The vulnerability of the `get_portfolios()` and `get_portfolio_attributes()` functions in the Portfolio Responsive Gallery plugin of the WordPress content management system allows a hacker to execute arbitrary SQL code.

The vulnerability in the `get_portfolios()` and `get_portfolio_attributes()` functions of the Portfolio Responsive Gallery plugin for the WordPress content management system stems from a lack of protection for the structure of the SQL query. Exploiting this vulnerability could allow a remote attacker ...

CVSS 9.8 | AI score 8.1 | EPSS 0.01373
Exploits: 2 | References: 4 | Affected Software: 1
CVE | added 2021/09/06 11:09 a.m. | 49 views

CVE-2021-24513

Affected software: WordPress Form Builder plugin (pre-1.9.8.4). Vulnerability: authenticated stored XSS via an unsanitized/unescaped Form Title. Root cause: the Form Title is not sanitized or escaped, enabling injection by privileged users (e.g., admin). Impact: client-side script execution in the admin context; aff...

CVSS 5.4 | AI score 5.2 | EPSS 0.00604
Exploits: 2 | References: 1 | Affected Software: 1
NVD | added 2021/08/02 11:15 a.m. | 10 views

CVE-2021-24457

The get_portfolios and get_portfolio_attributes functions in the class-portfolio-responsive-gallery-list-table.php and class-portfolio-responsive-gallery-attributes-list-table.php files of the Portfolio Responsive Gallery WordPress plugin before 1.1.8 did not use a whitelist or validate the orderby...

CVSS 8.8 | EPSS 0.01373
Exploits: 2 | References: 1
Prion | added 2021/08/02 11:15 a.m. | 11 views

SQL injection

The get_portfolios and get_portfolio_attributes functions in the class-portfolio-responsive-gallery-list-table.php and class-portfolio-responsive-gallery-attributes-list-table.php files of the Portfolio Responsive Gallery WordPress plugin before 1.1.8 did not use a whitelist or validate the orderby...

CVSS 6.5 | AI score 9 | EPSS 0.01373
Exploits: 2 | References: 1 | Affected Software: 1
Prion | added 2021/08/02 11:15 a.m. | 11 views

SQL injection

The get_sliders function in the Image Slider by Ays - Responsive Slider and Carousel WordPress plugin before 2.5.0 did not use a whitelist or validate the orderby parameter before using it in SQL statements passed to the get_results DB calls, leading to SQL injection issues in the admin dashboard...

CVSS 6.5 | AI score 9 | EPSS 0.01362
Exploits: 2 | References: 1 | Affected Software: 1
Cvelist | added 2021/08/02 10:32 a.m. | 26 views

CVE-2021-24463 Image Slider by Ays - Responsive Slider and Carousel < 2.5.0 - Authenticated Blind SQL Injection

The get_sliders function in the Image Slider by Ays - Responsive Slider and Carousel WordPress plugin before 2.5.0 did not use a whitelist or validate the orderby parameter before using it in SQL statements passed to the get_results DB calls, leading to SQL injection issues in the admin dashboard...

AI score 9.3 | EPSS 0.01362
Exploits: 2 | References: 1
CVE | added 2021/08/02 10:32 a.m. | 46 views

CVE-2021-24462

The CVE-2021-24462 issue affects the WordPress plugin Photo Gallery by Ays – Responsive Image Gallery (versions before 4.4.4). The root cause is that get_gallery_categories() and get_galleries() do not whitelist or validate the orderby parameter before incorporating it into SQL in get_results(), ...

CVSS 8.8 | AI score 9.1 | EPSS 0.01362
Exploits: 2 | References: 1 | Affected Software: 1
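Several of the entries above (CVE-2021-24457, CVE-2021-24463, CVE-2021-24462, and the unvalidated id parameter of CVE-2021-24398) are one bug in different plugins: an ORDER BY column name, or a value, is interpolated into a string that is then handed to $wpdb->get_results(). The block below is an added illustration written for this listing, not any of those plugins' code; the table name, column names, the scene_id field and the request parameters are hypothetical, while $wpdb->prepare() and $wpdb->get_results() are the real WordPress APIs. What it shows beyond the advisory text is why prepare() alone does not fix the orderby case: placeholders bind values (%d, %s), not identifiers, so a column name has to be constrained by an allow-list. The safe_order_clause() helper is plain PHP and runs without WordPress.

```php
<?php
// Added illustration, not code from the plugins above. Table, column and
// request-parameter names are hypothetical; $wpdb->prepare()/get_results()
// are the real WordPress APIs.

// --- Vulnerable shape described in the advisories: orderby/order go straight
// into the SQL string. prepare() cannot help here, because identifiers are not
// bindable placeholders. An orderby of "(SELECT SLEEP(5))" makes this a blind,
// time-based injection in the admin dashboard.
function list_items_vulnerable( $wpdb, $table ) {
    $orderby = $_GET['orderby'] ?? 'id';
    $order   = $_GET['order'] ?? 'ASC';
    return $wpdb->get_results( "SELECT * FROM {$table} ORDER BY {$orderby} {$order}" );
}

// --- Hardened: identifiers via a fixed allow-list, values via prepare(). ---
const SORTABLE_COLUMNS = array( 'id', 'title', 'created_at' ); // hypothetical schema

/**
 * Turn untrusted orderby/order into a safe ORDER BY clause. Anything not in
 * the allow-list falls back to the default column; only ASC/DESC survive.
 * Strict in_array() avoids loose comparisons such as 0 == "any string".
 */
function safe_order_clause( $orderby, $order, $default = 'id' ) {
    $column    = in_array( $orderby, SORTABLE_COLUMNS, true ) ? $orderby : $default;
    $direction = ( strtoupper( (string) $order ) === 'DESC' ) ? 'DESC' : 'ASC';
    return "ORDER BY `{$column}` {$direction}";
}

function list_items_safe( $wpdb, $table, $scene_id ) {
    $clause = safe_order_clause( $_GET['orderby'] ?? 'id', $_GET['order'] ?? 'ASC' );
    // $table and $clause are trusted, allow-listed strings (and contain no '%',
    // which prepare() would otherwise interpret). The id is a value: coerce it
    // with absint() and bind it with %d, which is the fix for the CVE-2021-24398 shape.
    $sql = $wpdb->prepare(
        "SELECT * FROM {$table} WHERE scene_id = %d {$clause}",
        absint( $scene_id )
    );
    return $wpdb->get_results( $sql );
}

// Stand-alone check of the allow-list (no WordPress needed; run with `php file.php`).
assert( safe_order_clause( 'title', 'desc' ) === 'ORDER BY `title` DESC' );
assert( safe_order_clause( '(SELECT SLEEP(5))', 'ASC' ) === 'ORDER BY `id` ASC' );
assert( safe_order_clause( 'id', 'ASC; DROP TABLE x' ) === 'ORDER BY `id` ASC' );
echo "allow-list checks passed\n";
```

When reviewing a plugin for this pattern, grep for `ORDER BY` built with string interpolation or concatenation near `get_results`, `get_var` or `get_row`; the presence of `$wpdb->prepare()` on the same line is not enough if the column name is still interpolated from request data.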