2429 matches found
CVE-2022-25602
CVE-2022-25602 affects the WordPress Responsive Menu plugin (versions ≤ 4.1.7). A nonce token leak enables arbitrary file upload, theme deletion, and plugin settings changes. Multiple connected sources (Patchstack, WPVulndb, NVD/NVD-derived entries) corroborate the impact and prioritization as a ...
CVE-2022-25602 WordPress Responsive Menu plugin <= 4.1.7 - Nonce token leak leading to arbitrary file upload, theme deletion, plugin settings change vulnerability
Nonce token leak vulnerability leading to arbitrary file upload, theme deletion, plugin settings change discovered in Responsive Menu WordPress plugin versions = 4.1.7...
CVE-2022-25602 WordPress Responsive Menu plugin <= 4.1.7 - Nonce token leak leading to arbitrary file upload, theme deletion, plugin settings change vulnerability
Nonce token leak vulnerability leading to arbitrary file upload, theme deletion, plugin settings change discovered in Responsive Menu WordPress plugin versions = 4.1.7...
WordPress plugin Responsive Menu 代码问题漏洞
WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an open source application plugin for WordPress. WordPress plugin Responsive Menu has a security vulnerability...
WordPress Responsive Menu plugin <= 4.1.7 - Nonce token leak leading to arbitrary file upload, theme deletion, plugin settings change vulnerability
Nonce token leak leading to arbitrary file upload, theme deletion, plugin settings change vulnerability discovered by Dave Jong Patchstack in WordPress Responsive Menu plugin versions = 4.1.7. Solution Update the WordPress Responsive Menu plugin to the latest available version at least 4.1.8...
CVE-2021-24995
The HTML5 Responsive FAQ WordPress plugin through 2.8.5 does not properly sanitise and escape some of its settings, which could allow a high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml is disallowed...
CVE-2021-24995
The HTML5 Responsive FAQ WordPress plugin through 2.8.5 does not properly sanitise and escape some of its settings, which could allow a high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml is disallowed...
Cross site scripting
The HTML5 Responsive FAQ WordPress plugin through 2.8.5 does not properly sanitise and escape some of its settings, which could allow a high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml is disallowed...
CVE-2021-24995 HTML5 Responsive FAQ <= 2.8.5 - Admin+ Stored Cross-Site Scripting
The HTML5 Responsive FAQ WordPress plugin through 2.8.5 does not properly sanitise and escape some of its settings, which could allow a high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml is disallowed...
CVE-2021-24995
CVE-2021-24995 affects WordPress HTML5 Responsive FAQ plugin (versions
WordPress plugin 跨站脚本漏洞
WordPress is the Wordpress Foundation's suite of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress HTML5 Responsive FAQ has a cross-site scripting vulnerability that stems from not properly cleaning a...
CVE-2021-24971
The WP Responsive Menu WordPress plugin before 3.1.7.1 does not have capability and CSRF checks in the wprliveupdate AJAX action, as well as do not sanitise and escape some of the data submitted. As a result, any authenticated, such as subscriber could update the plugin's settings and perform...
CVE-2021-24971
The WP Responsive Menu WordPress plugin before 3.1.7.1 does not have capability and CSRF checks in the wprliveupdate AJAX action, as well as do not sanitise and escape some of the data submitted. As a result, any authenticated, such as subscriber could update the plugin's settings and perform...
CVE-2021-24971 WP Responsive Menu < 3.1.7.1 - Subscriber+ Settings Update to Stored XSS
The WP Responsive Menu WordPress plugin before 3.1.7.1 does not have capability and CSRF checks in the wprliveupdate AJAX action, as well as do not sanitise and escape some of the data submitted. As a result, any authenticated, such as subscriber could update the plugin's settings and perform...
CVE-2021-24971
CVE-2021-24971 affects the WordPress WP Responsive Menu plugin prior to 3.1.7.1. Root cause: lacking capability and CSRF checks in the wpr_live_update AJAX action and insufficient sanitization/escaping of submitted data, allowing an authenticated user (e.g., subscriber) to modify plugin settings ...
WordPress Best Responsive Comparison Table for Gutenberg Editor – NicheTable plugin <= 2.2.0 - Sensitive Information Disclosure vulnerability
Sensitive Information Disclosure vulnerability discovered in WordPress Best Responsive Comparison Table for Gutenberg Editor – NicheTable plugin versions = 2.2.0. Solution Update the WordPress Best Responsive Comparison Table for Gutenberg Editor – NicheTable plugin to the latest available versio...
WordPress 跨站脚本漏洞
WordPress is the WordPress Foundation's set of blogging platforms developed using the PHP language. The platform supports the hosting of personal blogging sites on PHP and MySQL servers. cross-site scripting vulnerability exists in versions of WordPress WP Responsive Menu plugin prior to 3.1.7.1,...
WordPress FullScreen Menu – Mobile Friendly and Responsive plugin <= 2.2.7 - Sensitive Information Disclosure vulnerability
Sensitive Information Disclosure vulnerability discovered in WordPress FullScreen Menu – Mobile Friendly and Responsive plugin versions = 2.2.7. Solution Update the WordPress FullScreen Menu – Mobile Friendly and Responsive plugin to the latest available version at least 2.2.8...
WordPress Mobile View for Responsive web design optimization (UX design) + Mobile Friendly Test plugin <= 1.2.3 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability
Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress Mobile View for Responsive web design optimization UX design + Mobile Friendly Test plugin versions = 1.2.3. Solution Update the WordPress Mobile View for Responsive web design optimization UX design +...
WordPress YouTube Responsive Gallery plugin <= 1.0.1 - Sensitive Information Disclosure vulnerability
Sensitive Information Disclosure vulnerability discovered in WordPress YouTube Responsive Gallery plugin versions = 1.0.1. Solution No patched version available...