WordPress Easy Smooth Scroll Links plugin <= 2.23.0 - Stored Cross-Site Scripting (XSS) vulnerability

Stored Cross-Site Scripting XSS vulnerability discovered by Park won seok in WordPress Easy Smooth Scroll Links plugin versions = 2.23.0. Solution Update the WordPress Easy Smooth Scroll Links plugin to the latest available version at least 2.23.1...

Easy Smooth Scroll Links < 2.23.1 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitise and escape its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed PoC Put the following payload in any text field settings of the plugin for example Scroll Speed...

WordPress Easy Smooth Scroll Links – Smooth Scrolling Anchor plugin <= 2.23.0 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress Easy Smooth Scroll Links – Smooth Scrolling Anchor plugin versions = 2.23.0. Solution Update the WordPress Easy Smooth Scroll Links – Smooth Scrolling Anchor plugin to the latest available version at...

WordPress Easy Smooth Scroll Links – Smooth Scrolling Anchor plugin <= 2.23.0 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress Easy Smooth Scroll Links – Smooth Scrolling Anchor plugin versions = 2.23.0. Solution No patched version available...

WordPress Scrollsequence – Cinematic Scroll Image Animation Plugin plugin < 1.2.4 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress Scrollsequence – Cinematic Scroll Image Animation Plugin plugin versions 1.2.4. Solution Update the WordPress Scrollsequence – Cinematic Scroll Image Animation Plugin plugin to the latest available...

WordPress Scrollsequence – Cinematic Scroll Image Animation Plugin plugin < 1.2.4 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress Scrollsequence – Cinematic Scroll Image Animation Plugin plugin versions 1.2.4. Solution Update the WordPress Scrollsequence – Cinematic Scroll Image Animation Plugin plugin to the latest available version at least 1.2.4...

The vulnerability of the Scroll component in Google Chrome allows a hacker to gain access to confidential information or cause a service failure.

The vulnerability of the Scroll component in Google Chrome relates to improperly implemented security checks for standard elements. Exploiting this vulnerability can allow an attacker to access confidential information or cause service failures...

Remote Code Execution (RCE)

Chrome is vulnerable to remote code execution. The vulnerability exists due to an inappropriate implementation in the function scroll...

Chromium: CVE-2022-0462 Inappropriate implementation in Scroll

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

WordPress MouseWheel Smooth Scroll plugin cross-site request forgery vulnerability

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site request forgery vulnerability exists in the WordPress MouseWheel Smooth Scroll plugin in versions...

CVE-2021-24852

The MouseWheel Smooth Scroll WordPress plugin before 5.7 does not have CSRF check in place on its settings page, which could allow attackers to make a logged in admin change them via a CSRF attack...

CVE-2021-24852

The MouseWheel Smooth Scroll WordPress plugin before 5.7 does not have CSRF check in place on its settings page, which could allow attackers to make a logged in admin change them via a CSRF attack...

CVE-2021-24852 MouseWheel Smooth Scroll < 5.7 - Plugin's Setting Update via CSRF

The MouseWheel Smooth Scroll WordPress plugin before 5.7 does not have CSRF check in place on its settings page, which could allow attackers to make a logged in admin change them via a CSRF attack...

CVE-2021-24852

CVE-2021-24852 affects the WordPress plugin "MouseWheel Smooth Scroll" (versions before 5.7). The root cause is a missing CSRF check on the plugin’s settings page, enabling a CSRF attack to cause a logged-in administrator to change settings. Documented impact is cross-site request forgery leading...

WordPress 跨站请求伪造漏洞

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site request forgery vulnerability exists in the WordPress MouseWheel Smooth Scroll plugin in versions...

WordPress Scroll Baner plugin cross-site request forgery vulnerability

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language. The platform supports the hosting of personal blog sites on PHP and MySQL servers. WordPress plugin is a WordPress open source application plugin. WordPress Scroll Baner plugin in version 1.0 and...

CVE-2021-24642

The Scroll Baner WordPress plugin through 1.0 does not have CSRF check in place when saving its settings, nor perform any sanitisation, escaping or validation on them. This could allow attackers to make logged in admin change them and could lead to RCE via a file upload as well as XSS...

CVE-2021-24642

CVE-2021-24642 affects the Scroll Baner WordPress plugin (versions ≤ 1.0). The root cause is missing CSRF protection and lack of input sanitisation/validation when saving settings, enabling a logged-in admin to alter settings. This could lead to remote code execution (via a file upload) and cross...

CVE-2021-24642 Scroll Baner <= 1.0 - CSRF to RCE

The Scroll Baner WordPress plugin through 1.0 does not have CSRF check in place when saving its settings, nor perform any sanitisation, escaping or validation on them. This could allow attackers to make logged in admin change them and could lead to RCE via a file upload as well as XSS...

WordPress MouseWheel Smooth Scroll plugin <= 5.6 - Cross-Site Request Forgery (CSRF) vulnerability leading to Plugin Setting Update

Cross-Site Request Forgery CSRF vulnerability leading to Plugin Setting Update discovered by apple502j in WordPress MouseWheel Smooth Scroll plugin versions = 5.6. Solution Update the WordPress MouseWheel Smooth Scroll plugin to the latest available version at least 5.7...