CVE-2023-46095

The CVE-2023-46095 entry refers to a CSRF vulnerability in the WordPress plugin Smooth Scroll Links [SSL], affecting versions 1.1.0 (or remove/rethink the plugin) to resolve the vulnerability; monitor for official patch availability or vendor advisories.

WordPress Plugin Smooth Scroll Links [SSL] Cross-Site Request Forgery Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A cross-site request forgery vulnerability exists in...

PT-2023-29845 · WordPress · Chetan Gole Smooth Scroll Links

Name of the Vulnerable Software and Affected Versions: Chetan Gole Smooth Scroll Links SSL plugin versions = 1.1.0 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability. This means an attacker can trick a user into performing unintended actions on a web application that the us...

CVE-2023-45051

CVE-2023-45051 is an Auth. (admin+) Stored XSS in the WordPress plugin “Image vertical reel scroll slideshow.” The vulnerability affects the plugin’s image slideshow function and is caused by insufficient escaping/validation of inputs, permitting stored XSS when an admin with unfiltered HTML cont...

CVE-2023-45051 WordPress Image vertical reel scroll slideshow Plugin <= 9.0 is vulnerable to Cross Site Scripting (XSS)

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Gopi Ramasamy Image vertical reel scroll slideshow plugin = 9.0 versions...

WordPress Smooth Scroll Links Plugin <= 1.1.0 is vulnerable to Cross Site Request Forgery (CSRF)

Software Smooth Scroll Links Type Plugin Vulnerable versions = 1.1.0 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-46095 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 1e27113556ed Credits Skalucy Required...

WordPress Scroll post excerpt Plugin <= 8.0 is vulnerable to Cross Site Scripting (XSS)

Software Scroll post excerpt Type Plugin Vulnerable versions = 8.0 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-45764 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID c3a82d7d0784 Credits Rio Darmawan Required...

WordPress Image vertical reel scroll slideshow Plugin <= 9.2 is vulnerable to Cross Site Scripting (XSS)

Software Image vertical reel scroll slideshow Type Plugin Vulnerable versions = 9.2 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-45051 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 0b834e242a67 Credits yuyudh...

Vim Numeric Error Vulnerability

Vim is a cross-platform text editor. A security vulnerability exists in Vim versions 9.0.1367-1 through 9.0.1367-3, which stems from a divide-by-zero flaw in the function scrollcursorbot...

WordPress Ultimate Infinite Scroll Plugin Plugin <= 1.0.3 is vulnerable to Cross Site Scripting (XSS)

Software Ultimate Infinite Scroll Plugin Type Plugin Vulnerable versions = 1.0.3 Fixed in 1.0.4 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID e939817d24d9 Credits Rafie Muhammad...

WordPress Easy Smooth Scroll Links Plugin <= 2.23.1 is vulnerable to Cross Site Scripting (XSS)

Software Easy Smooth Scroll Links Type Plugin Vulnerable versions = 2.23.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 09f432ff9f4d Credits Rafie Muhammad Patchstac...

MAL-2023-365 Malicious code in fc-scroll (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c7f4167da0bf5409b53f5b683dcdb962d93b6d03e2d9e3916c5859f78f8f9f1c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in fc-scroll (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c7f4167da0bf5409b53f5b683dcdb962d93b6d03e2d9e3916c5859f78f8f9f1c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

WordPress Ajax Pagination and Infinite Scroll Plugin <= 2.0.1 is vulnerable to Cross Site Request Forgery (CSRF)

Software Ajax Pagination and Infinite Scroll Type Plugin Vulnerable versions = 2.0.1 Fixed in N/A OWASP Top 10 A2: Broken Authentication Classification Cross Site Request Forgery CSRF CVE CVE-2023-34033 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 411a2149f500 Credits...

CVE-2023-23862

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Gopi Ramasamy Vertical scroll recent post plugin = 14.0 versions...

CVE-2023-23862

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Gopi Ramasamy Vertical scroll recent post plugin = 14.0 versions...

CVE-2023-23862 WordPress Vertical scroll recent post Plugin <= 14.0 is vulnerable to Cross Site Scripting (XSS)

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Gopi Ramasamy Vertical scroll recent post plugin = 14.0 versions...

CVE-2023-23862

CVE-2023-23862 corresponds to a Stored XSS in the WordPress plugin Vertical scroll recent post (by Gopi Ramasamy), affecting versions

WordPress plugin Vertical scroll recent post 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

WordPress Vertical scroll recent post Plugin <= 14.0 is vulnerable to Cross Site Scripting (XSS)

Software Vertical scroll recent post Type Plugin Vulnerable versions = 14.0 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-23862 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 4392e27a6637 Credits yuyudhn Requir...