77 matches found
CVE-2023-49819 WordPress Structured Content Plugin <= 1.5.3 is vulnerable to PHP Object Injection
Deserialization of Untrusted Data vulnerability in Gordon Böhme, Antonio Leutsch Structured Content JSON-LD wpsc.This issue affects Structured Content JSON-LD wpsc: from n/a through 1.5.3...
WordPress Plugin Structured Content Code Issue Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A code issue vulnerability exists in...
PT-2023-31371 · Unknown · Structured Content
Name of the Vulnerable Software and Affected Versions: Structured Content JSON-LD versions n/a through 1.5.3 Description: The issue is related to Deserialization of Untrusted Data, which affects the Structured Content JSON-LD plugin. No information is provided about the estimated number of...
CVE-2023-49820
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Gordon Böhme, Antonio Leutsch Structured Content JSON-LD wpsc allows Stored XSS.This issue affects Structured Content JSON-LD wpsc: from n/a through 1.5.3...
Cross site scripting
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Gordon Böhme, Antonio Leutsch Structured Content JSON-LD wpsc allows Stored XSS.This issue affects Structured Content JSON-LD wpsc: from n/a through 1.5.3...
CVE-2023-49820 WordPress Structured Content Plugin <= 1.5.3 is vulnerable to Cross Site Scripting (XSS)
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Gordon Böhme, Antonio Leutsch Structured Content JSON-LD wpsc allows Stored XSS.This issue affects Structured Content JSON-LD wpsc: from n/a through 1.5.3...
CVE-2023-49820
CVE-2023-49820 is a stored XSS vulnerability in the WordPress plugin Structured Content (JSON-LD) #wpsc. Affected versions are
WordPress plugin and WordPress cross-site scripting vulnerabilities
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...
Structured Content < 1.6 - Contributor+ Stored XSS
Description The plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user...
WordPress Structured Content Plugin <= 1.5.3 is vulnerable to Cross Site Scripting (XSS)
Software Structured Content Type Plugin Vulnerable versions = 1.5.3 Fixed in 1.6 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-49820 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 4db95a68f57c Credits LVT-tholv2k Required privilege...
WordPress Structured Content Plugin <= 1.5.3 is vulnerable to PHP Object Injection
Software Structured Content Type Plugin Vulnerable versions = 1.5.3 Fixed in 1.6 OWASP Top 10 A3: Injection Classification PHP Object Injection CVE CVE-2023-49819 Patch priority Low CVSS severity Low 7.5 Developer Claim ownership PSID bffa4eda39b1 Credits LVT-tholv2k Required privilege Contributo...
Cross site scripting
The Structured Content WordPress plugin before 1.5.1 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high...
CVE-2022-4715 Structured Content < 1.5.1 - Contributor+ Stored XSS in Shortcode
The Structured Content WordPress plugin before 1.5.1 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high...
CVE-2022-4715
The CVE concerns The Structured Content WordPress plugin, prior to version 1.5.1. The vulnerability stems from not validating/escaping certain shortcode attributes before echoing them, enabling Stored XSS when a user with as little as a contributor role views a page, potentially affecting higher-...
CVE-2022-4715 Structured Content < 1.5.1 - Contributor+ Stored XSS in Shortcode
The Structured Content WordPress plugin before 1.5.1 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high...
WordPress plugin The Structured Content 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...
Apache JackRabbit 2.0.0 webapp XPath Injection
No description provided by source. Title: Apache JackRabbit webapp XPath Injection Author: ADEO Security Published: 11/08/2010 Version: 2.0.0 Possible all versions Vendor: http://www.apache.org Download: http://www.apache.org/dyn/closer.cgi/jackrabbit/2.0.0/jackrabbit-2.0.0-src.zip Description:...