WordPress plugin MashShare 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...

WordPress plugin Greenshift 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...

WordPress plugin Real Testimonials 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

WordPress plugin Click to Chat 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

WordPress plugin Seriously Simple Podcasting 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

PT-2023-14940 · WordPress · Real Testimonials

Name of the Vulnerable Software and Affected Versions: The Real Testimonials WordPress plugin versions prior to 2.6.0 Description: The issue arises from the plugin's failure to validate and escape some of its shortcode attributes before outputting them back in the page. This could allow users wit...

PT-2023-14749 · WordPress · Video Conferencing With Zoom

Name of the Vulnerable Software and Affected Versions: Video Conferencing with Zoom WordPress plugin versions prior to 4.0.10 Description: The issue arises from the plugin's failure to validate and escape some of its shortcode attributes before outputting them back in the page. This could allow...

PT-2023-14590 · WordPress · Convertkit

Name of the Vulnerable Software and Affected Versions: ConvertKit WordPress plugin versions prior to 2.0.5 Description: The issue allows users with a role as low as a contributor to perform Stored Cross-Site Scripting attacks, which could be used against high-privilege users such as admins. This ...

PT-2023-14553 · WordPress · Font Awesome Wordpress Plugin

Name of the Vulnerable Software and Affected Versions: Font Awesome WordPress plugin versions prior to 4.3.2 Description: The issue concerns the Font Awesome WordPress plugin, which does not properly validate and escape certain shortcode attributes before outputting them. This could allow users...

PT-2023-14525 · WordPress · Themify Portfolio Post

Name of the Vulnerable Software and Affected Versions: Themify Portfolio Post WordPress plugin versions prior to 1.2.1 Description: The issue allows users with a role as low as a contributor to perform Stored Cross-Site Scripting attacks, which could be used against high privileged users such as...

PT-2023-14559 · WordPress · The Social Share

Name of the Vulnerable Software and Affected Versions: The Social Share, Social Login and Social Comments Plugin WordPress plugin versions prior to 7.13.44 Description: The issue concerns a lack of validation and escaping of certain shortcode attributes, which could allow users with a role as low...

PT-2023-14556 · WordPress · Mesmerize Companion

Name of the Vulnerable Software and Affected Versions: Mesmerize Companion WordPress plugin versions prior to 1.6.135 Description: The issue allows users with a role as low as contributor to perform Stored Cross-Site Scripting attacks, which could be used against high privilege users such as...

PT-2023-14515 · Codelights · Sidebar Widgets

Name of the Vulnerable Software and Affected Versions: The Sidebar Widgets by CodeLights WordPress plugin versions 1.4 and earlier Description: The issue allows users with a role as low as a contributor to perform Stored Cross-Site Scripting attacks, which could be used against high-privilege use...

PT-2023-14668 · WordPress · Mashshare

Name of the Vulnerable Software and Affected Versions: MashShare WordPress plugin versions prior to 3.8.7 Description: The issue concerns a lack of validation and escaping of certain shortcode attributes, which can lead to Stored Cross-Site Scripting attacks. Users with a role as low as contribut...

WordPress plugin WOOCS 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

WordPress plugin Insert Pages 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

PT-2023-14585 · WordPress · The Real Cookie Banner

Name of the Vulnerable Software and Affected Versions: The Real Cookie Banner WordPress plugin versions prior to 3.4.10 Description: The issue allows users with a role as low as a contributor to perform Stored Cross-Site Scripting attacks against logged-in admins. This is due to the plugin not...

WordPress plugin Meteor Slides 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...

WordPress plugin Themify Portfolio Post 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...

WordPress plugin Social Sharing 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site scripting vulnerability exists in the...