CVE-2023-29424

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Plainware ShiftController Employee Shift Scheduling plugin = 4.9.23 versions...

CVE-2023-29424

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Plainware ShiftController Employee Shift Scheduling plugin = 4.9.23 versions...

Cross site scripting

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Plainware ShiftController Employee Shift Scheduling plugin = 4.9.23 versions...

CVE-2023-29424 WordPress ShiftController Employee Shift Scheduling Plugin <= 4.9.23 is vulnerable to Cross Site Scripting (XSS)

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Plainware ShiftController Employee Shift Scheduling plugin = 4.9.23 versions...

CVE-2023-29424 WordPress ShiftController Employee Shift Scheduling Plugin <= 4.9.23 is vulnerable to Cross Site Scripting (XSS)

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Plainware ShiftController Employee Shift Scheduling plugin = 4.9.23 versions...

CVE-2023-29424

The CVE-2023-29424 entry concerns the WordPress ShiftController Employee Shift Scheduling plugin (versions

PT-2023-22251 · Plainware · Plainware Shiftcontroller Employee Shift Scheduling

Name of the Vulnerable Software and Affected Versions: Plainware ShiftController Employee Shift Scheduling plugin versions = 4.9.23 Description: The issue is related to a Stored Cross-Site Scripting XSS vulnerability that requires authentication with admin+ privileges. This vulnerability affects...

WordPress Plugin ShiftController Employee Shift Scheduling 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

CVE-2023-1978

The ShiftController Employee Shift Scheduling plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the query string in versions up to, and including, 4.9.25 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inje...

CVE-2023-1978

The ShiftController Employee Shift Scheduling plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the query string in versions up to, and including, 4.9.25 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inje...

CVE-2023-1978

The ShiftController Employee Shift Scheduling plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the query string in versions up to, and including, 4.9.25 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inje...

CVE-2023-1978 ShiftController Employee Shift Scheduling <= 4.9.25 - Reflected Cross-Site Scripting via Query String

The ShiftController Employee Shift Scheduling plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the query string in versions up to, and including, 4.9.25 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inje...

CVE-2023-1978

CVE-2023-1978 describes a Reflected Cross-Site Scripting (XSS) in the WordPress plugin “ShiftController Employee Shift Scheduling” for versions

WordPress Plugin ShiftController Employee Shift Scheduling 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

WordPress ShiftController Employee Shift Scheduling Plugin <= 4.9.25 is vulnerable to Cross Site Scripting (XSS)

Software ShiftController Employee Shift Scheduling Type Plugin Vulnerable versions = 4.9.25 Fixed in 4.9.26 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-1978 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID dde7717ec078...

ShiftController Employee Shift Scheduling < 4.9.26 - Reflected Cross-Site Scripting

The plugin does not properly sanitize input and escape output in the query string, leading to a Reflected Cross-Site Scripting vulnerability...

WordPress ShiftController Employee Shift Scheduling Plugin <= 4.9.23 is vulnerable to Cross Site Request Forgery (CSRF)

Software ShiftController Employee Shift Scheduling Type Plugin Vulnerable versions = 4.9.23 Fixed in 4.9.24 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-29425 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID df5a54e81f4f...

WordPress ShiftController Employee Shift Scheduling Plugin <= 4.9.23 is vulnerable to Cross Site Scripting (XSS)

Software ShiftController Employee Shift Scheduling Type Plugin Vulnerable versions = 4.9.23 Fixed in 4.9.24 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-29424 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 21f298cb90...