WordPress Squelch Tabs and Accordions Shortcodes plugin <= 0.4.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via accordions Shortcode vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via accordions Shortcode vulnerability discovered by Francesco Carlucci in WordPress Plugin Squelch Tabs and Accordions Shortcodes versions = 0.4.3...

CVE-2024-5946

The Squelch Tabs and Accordions Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘tab’ shortcode in all versions up to, and including, 0.4.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

WordPress Squelch Tabs and Accordions Shortcodes plugin <= 0.4.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via tab Shortcode vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via tab Shortcode vulnerability discovered by Peter Thaleikis in WordPress Plugin Squelch Tabs and Accordions Shortcodes versions = 0.4.8...

CVE-2024-5946

CVE-2024-5946 affects the Squelch Tabs and Accordions Shortcodes WordPress plugin (all versions up to 0.4.8). The issue is Stored Cross-Site Scripting via the tab shortcode caused by insufficient input sanitization and output escaping, enabling authenticated attackers with Contributor+ privileges...

CVE-2024-5946 Squelch Tabs and Accordions Shortcodes <= 0.4.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via tab Shortcode

The Squelch Tabs and Accordions Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘tab’ shortcode in all versions up to, and including, 0.4.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

WordPress plugin Squelch Tabs and Accordions Shortcodes security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in the...

PT-2024-37260 · WordPress · Squelch Tabs/Accordions Shortcodes

Name of the Vulnerable Software and Affected Versions: Squelch Tabs and Accordions Shortcodes plugin for WordPress versions up to, and including, 0.4.8 Description: The issue is related to Stored Cross-Site Scripting via the tab shortcode due to insufficient input sanitization and output escaping...

WordPress Squelch Tabs and Accordions Shortcodes Plugin <= 0.4.8 is vulnerable to Cross Site Scripting (XSS)

Software Squelch Tabs and Accordions Shortcodes Type Plugin Vulnerable versions = 0.4.8 Fixed in 0.4.9 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-5946 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID b92bc9205697 Credits...

WordPress plugin Squelch Tabs and Accordions Shortcodes 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...

CVE-2024-4463 Squelch Tabs and Accordions Shortcodes <= 0.4.7 - Cross-Site Request Forgery

The Squelch Tabs and Accordions Shortcodes plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.4.7. This is due to missing or incorrect nonce validation when saving plugin settings. This makes it possible for unauthenticated attackers to modify...

PT-2024-31200 · WordPress · Squelch Tabs/Accordions Shortcodes

Name of the Vulnerable Software and Affected Versions: Squelch Tabs and Accordions Shortcodes plugin for WordPress versions up to, and including, 0.4.7 Description: The issue is related to Cross-Site Request Forgery due to missing or incorrect nonce validation when saving plugin settings. This...

WordPress Squelch Tabs and Accordions Shortcodes plugin <= 0.4.7 - Cross-Site Request Forgery vulnerability

Cross-Site Request Forgery vulnerability discovered by Benedictus Jovan aillesiM in WordPress Plugin Squelch Tabs and Accordions Shortcodes versions = 0.4.7...

WordPress Squelch Tabs and Accordions Shortcodes Plugin <= 0.4.7 is vulnerable to Cross Site Request Forgery (CSRF)

Software Squelch Tabs and Accordions Shortcodes Type Plugin Vulnerable versions = 0.4.7 Fixed in 0.4.8 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-4463 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 80dc3fbc8cbb Credi...

CVE-2024-2499

The Squelch Tabs and Accordions Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'accordions' shortcode in all versions up to, and including, 0.4.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...

CVE-2024-2499 Squelch Tabs and Accordions Shortcodes <= 0.4.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via accordions Shortcode

The Squelch Tabs and Accordions Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'accordions' shortcode in all versions up to, and including, 0.4.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...

PT-2024-20689 · WordPress · Squelch Tabs/Accordions Shortcodes

Name of the Vulnerable Software and Affected Versions: Squelch Tabs and Accordions Shortcodes plugin for WordPress versions up to, and including, 0.4.3 Description: The issue is related to Stored Cross-Site Scripting via the plugin's 'accordions' shortcode due to insufficient input sanitization a...

WordPress Plugin Squelch Tabs and Accordions Shortcodes 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...