2429 matches found
CVE-2022-4750 WP Responsive Testimonials Slider And Widget <= 1.5 - Contributor+ Stored XSS
The WP Responsive Testimonials Slider And Widget WordPress plugin through 1.5 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored...
WordPress Plugin WP Responsive Testimonials Slider And Widget 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...
SUSE CVE-2021-23995
When Responsive Design Mode was enabled, it used references to objects that were previously freed. We presume that with enough effort this could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR 78.10, Thunderbird 78.10, and Firefox 88...
CVE-2023-25065
Cross-Site Request Forgery CSRF vulnerability in ShapedPlugin WP Tabs – Responsive Tabs Plugin for WordPress plugin = 2.1.14 versions...
CVE-2023-25065
CVE-2023-25065 reports a Cross-Site Request Forgery (CSRF) vulnerability in the WordPress plugin “WP Tabs – Responsive Tabs” (ShapedPlugin)
Cross site scripting
The Responsive Gallery Grid WordPress plugin before 2.3.9 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attac...
CVE-2023-0060 Responsive Gallery Grid < 2.3.9 - Contributor+ Stored XSS
The Responsive Gallery Grid WordPress plugin before 2.3.9 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attac...
eVision Responsive Column Layout Shortcodes <= 2.3 - Contributor+ Stored XSS
The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. PoC bscolumns class='" onmouseover="alert1"...
eVision Responsive Column Layout Shortcodes <= 2.3 - Contributor+ Stored XSS
The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. bscolumns class='" onmouseover="alert1"...
WordPress plugin Responsive Gallery Grid 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...
Exploit for Unrestricted Upload of File with Dangerous Type in Tecrail Responsive_Filemanager
ResponsiveFileManager-CVE-2022-46604 Responsive FileManager v...
WordPress Responsive Image Gallery, Gallery Album Plugin <= 2.0.1 is vulnerable to Cross Site Scripting (XSS)
Software Responsive Image Gallery, Gallery Album Type Plugin Vulnerable versions = 2.0.1 Fixed in 2.0.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2022-47603 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 679ee9055f30...
CVE-2022-46604
An issue in Tecrail Responsive FileManager v9.9.5 and below allows attackers to bypass the file extension check mechanism and upload a crafted PHP file, leading to arbitrary code execution...
CVE-2022-46604
An issue in Tecrail Responsive FileManager v9.9.5 and below allows attackers to bypass the file extension check mechanism and upload a crafted PHP file, leading to arbitrary code execution...
CVE-2022-46604
The CVE-2022-46604 issue affects Tecrail Responsive FileManager v9.9.5 and earlier. A vulnerability in the file-extension check allows an attacker to upload a crafted PHP file, enabling arbitrary code execution on the server. Connected exploit sources describe remediating factors such as director...
WordPress eVision Responsive Column Layout Shortcodes Plugin <= 2.3 is vulnerable to Cross Site Scripting (XSS)
Software eVision Responsive Column Layout Shortcodes Type Plugin Vulnerable versions = 2.3 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE N/A Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 18ded12f9366 Credits...
Amazon Linux 2022 : python3-unbound, unbound, unbound-anchor (ALAS2022-2023-265)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2023-265 advisory. NLnet Labs Unbound, up to and including version 1.16.1 is vulnerable to a novel type of the ghost domain names attack. The vulnerability works by targeting an Unbound instance. Unbound is queri...
WordPress Responsive Vertical Icon Menu Plugin <= 1.5.8 is vulnerable to Cross Site Scripting (XSS)
Software Responsive Vertical Icon Menu Type Plugin Vulnerable versions = 1.5.8 Fixed in 1.5.9 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-23870 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 33c1eabeea35 Credits Rio...
WordPress Responsive Gallery Grid Plugin < 2.3.9 is vulnerable to Cross Site Scripting (XSS)
Software Responsive Gallery Grid Type Plugin Vulnerable versions 2.3.9 Fixed in 2.3.9 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-0060 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 2a4cfaed0ac5 Credits Lana Codes...
Huawei EulerOS: Security Advisory for unbound (EulerOS-SA-2023-1156)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...