terminology-view.lido-schema.org Cross Site Scripting vulnerability OBB-3583552

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

CVE-2022-4666

The Markup JSON-LD structured in schema.org WordPress plugin through 4.8.1 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Sit...

Cross site scripting

The Markup JSON-LD structured in schema.org WordPress plugin through 4.8.1 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Sit...

CVE-2022-4666

CVE-2022-4666 affects the WordPress plugin Markup (JSON-LD) structured in schema.org up to version 4.8.1. The issue is unvalidated/unescaped shortcode attributes that can lead to Stored XSS when embedded in pages/posts by users with contributor role or higher. The connected documents confirm the ...

WordPress Markup (JSON-LD) structured in schema.org Plugin <= 4.8.1 is vulnerable to Cross Site Scripting (XSS)

Software Markup JSON-LD structured in schema.org Type Plugin Vulnerable versions = 4.8.1 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2022-4666 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID f683250d0657...

CVE-2022-33154

The schema aka Embedding schema.org vocabulary extension before 1.13.1 and 2.x before 2.5.1 for TYPO3 allows XSS...

CVE-2022-33154

The schema aka Embedding schema.org vocabulary extension before 1.13.1 and 2.x before 2.5.1 for TYPO3 allows XSS...

Cross site scripting

The schema aka Embedding schema.org vocabulary extension before 1.13.1 and 2.x before 2.5.1 for TYPO3 allows XSS...

CVE-2022-33154

The schema aka Embedding schema.org vocabulary extension before 1.13.1 and 2.x before 2.5.1 for TYPO3 allows XSS...

WordPress All In One Schema.org Rich Snippets 1.4.1 XSS

DefenseCode ThunderScan SAST Advisory WordPress All In One Schema.org Rich Snippets Plugin Security Vulnerability Advisory ID: DC-2017-01-002 Advisory Title: WordPress All In One Schema.org Rich Snippets Plugin Security Vulnerability Advisory URL: http://www.defensecode.com/advisories.php Softwar...

All In One Schema.org Rich Snippets <= 1.4.4 - Authenticated Cross-Site Scripting (XSS)

The Schema – All In One Schema Rich Snippets WordPress plugin was affected by an Authenticated Cross-Site Scripting XSS security vulnerability. PoC http://vulnerablesite.com/wp-admin/admin.php?page=richsnippetdashboardforcesend=truesendlabel=...