CVE-2024-13128

The LearnPress WordPress plugin before 4.2.7.5.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2024-40746

A stored cross-site scripting XSS vulnerability in HikaShop Joomla Component 5.1.1 allows remote attackers to execute arbitrary JavaScript in the web browser of a user, by including a malicious payload in the description parameter of any product. The description parameter is not sanitised in the...

CVE-2024-40746 Extension - hikashop.com - Stored cross site scripting vulnerability in Hikashop component for Joomla < 5.1.1

A stored cross-site scripting XSS vulnerability in HikaShop Joomla Component 5.1.1 allows remote attackers to execute arbitrary JavaScript in the web browser of a user, by including a malicious payload in the description parameter of any product. The description parameter is not sanitised in the...

Exploit for Out-of-bounds Write in Hutool

json.org CVE-2022-45688 false positive The project contains...

Zimbra Collaboration Server 8.8.x < 8.8.15 Patch 43, 9.x < 9.0.0 Patch 36, 10.0.x < 10.0.4 Multiple Vulnerabilities

According to its self-reported version number, Zimbra Collaboration Server is affected by multiple vulnerabilities including: - XSS on one of the web endpoints via non sanitised input parameter. CVE-2023-43103 - An attacker can gain access of the logged-in user's mailbox through XSS. CVE-2023-431...

Design/Logic Flaw

OpenPGP.js is a JavaScript implementation of the OpenPGP protocol. In affected versions OpenPGP Cleartext Signed Messages are cryptographically signed messages where the signed text is readable without special tools. These messages typically contain a "Hash: ..." header declaring the hash algorit...

PT-2023-19831 · WordPress · Stop Spammers Security

Name of the Vulnerable Software and Affected Versions: The Stop Spammers Security | Block Spam Users, Comments, Forms WordPress plugin versions prior to 2023 Description: The issue is related to a Reflected Cross-Site Scripting problem. It occurs because various parameters are not properly...

govuk_tech_docs vulnerable to unescaped HTML on search results page

Impact Pages that are indexed in search results have their entire contents indexed, including any HTML code snippets. These HTML snippets would appear in the search results unsanitised, so it was possible to render arbitrary HTML or run arbitrary scripts. This is a low risk security issue; to...

GHSA-X2XW-HW8G-6773 govuk_tech_docs vulnerable to unescaped HTML on search results page

Impact Pages that are indexed in search results have their entire contents indexed, including any HTML code snippets. These HTML snippets would appear in the search results unsanitised, so it was possible to render arbitrary HTML or run arbitrary scripts. This is a low risk security issue; to...

PT-2023-32944 · Unknown · Govuk Tech Docs

Name of the Vulnerable Software and Affected Versions: govuk tech docs versions from 2.0.2 to before 3.3.1 Description: The issue is a cross-site scripting vulnerability. Malicious JavaScript may be executed in the user's browser if a malicious search result is displayed on the search page. Pages...

govuk_tech_docs vulnerable to unescaped HTML on search results page

Impact Pages that are indexed in search results have their entire contents indexed, including any HTML code snippets. These HTML snippets would appear in the search results unsanitised, so it was possible to render arbitrary HTML or run arbitrary scripts. This is a low risk security issue; to...

CVE-2023-27472

quickentity-editor-next is an open source, system local, video game asset editor. In affected versions HTML tags in entity names are not sanitised XSS vulnerability. Allows arbitrary code execution within the browser sandbox, among other things, simply from loading a file containing a script tag ...

CVE-2023-27472 HTML tags in entity names in the tree view are not sanitised in quickentity-editor-next

quickentity-editor-next is an open source, system local, video game asset editor. In affected versions HTML tags in entity names are not sanitised XSS vulnerability. Allows arbitrary code execution within the browser sandbox, among other things, simply from loading a file containing a script tag ...

CVE-2022-2559

The Fluent Support WordPress plugin before 1.5.8 does not properly sanitise, validate and escape various parameters before using them in an SQL statement, leading to an SQL Injection vulnerability exploitable by high privilege users...

CVE-2021-3427

The Deluge Web-UI is vulnerable to XSS through a crafted torrent file. The the data from torrent files is not properly sanitised as it's interpreted directly as HTML. Someone who supplies the user with a malicious torrent file can execute arbitrary Javascript code in the context of the user's...

Woocommerce Cross-site Scripting via Additional tax classes field when taxes are enabled

When taxes are enabled, the "Additional tax classes" field was not properly sanitised or escaped before being output back in the admin dashboard, allowing high privilege users such as admin to use XSS payloads even when the unfilteredhtml is disabled...

Cross site scripting

The LiteSpeed Cache WordPress plugin before 4.4.4 does not properly verify that requests are coming from QUIC.cloud servers, allowing attackers to make requests to certain endpoints by using a specific X-Forwarded-For header value. In addition, one of the endpoint could be used to set CSS code if...

Display Post Metadata < 1.5.0 - Contributor+ Stored Cross-Site Scripting

The plugin adds a shortcode to print out custom fields, however their content is not sanitised or escaped which could allow users with a role as low as Contributor to perform Cross-Site Scripting attacks PoC - Login as contributor+ - Create a custom field containing XSS payload eg. - Add this...

Sql injection

The Orders functionality in the WP iCommerce WordPress plugin through 1.1.1 has an orderid parameter which is not sanitised, escaped or validated before inserting to a SQL statement, leading to SQL injection. The feature is available to low privilege users such as contributors...

CVE-2021-24393 Comment Highlighter <= 0.13 - Authenticated SQL Injection

A c GET parameter of the Comment Highlighter WordPress plugin through 0.13 is not properly sanitised, escaped or validated before inserting to a SQL statement, leading to SQL injection...