Lucene search
K

77 matches found

Cvelist
Cvelist
added 2023/12/18 11:35 p.m.31 views

CVE-2023-49819 WordPress Structured Content Plugin <= 1.5.3 is vulnerable to PHP Object Injection

Deserialization of Untrusted Data vulnerability in Gordon Böhme, Antonio Leutsch Structured Content JSON-LD wpsc.This issue affects Structured Content JSON-LD wpsc: from n/a through 1.5.3...

7.5CVSS9.7AI score0.00746EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/12/18 12:0 a.m.6 views

WordPress Plugin Structured Content Code Issue Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A code issue vulnerability exists in...

9.8CVSS6.8AI score0.00746EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/12/18 12:0 a.m.6 views

PT-2023-31371 · Unknown · Structured Content

Name of the Vulnerable Software and Affected Versions: Structured Content JSON-LD versions n/a through 1.5.3 Description: The issue is related to Deserialization of Untrusted Data, which affects the Structured Content JSON-LD plugin. No information is provided about the estimated number of...

9.8CVSS9.2AI score0.00746EPSS
Exploits0References6
OSV
OSV
added 2023/12/14 4:15 p.m.5 views

CVE-2023-49820

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Gordon Böhme, Antonio Leutsch Structured Content JSON-LD wpsc allows Stored XSS.This issue affects Structured Content JSON-LD wpsc: from n/a through 1.5.3...

5.4CVSS5.8AI score0.00385EPSS
Exploits0References1
Prion
Prion
added 2023/12/14 4:15 p.m.18 views

Cross site scripting

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Gordon Böhme, Antonio Leutsch Structured Content JSON-LD wpsc allows Stored XSS.This issue affects Structured Content JSON-LD wpsc: from n/a through 1.5.3...

4.9CVSS6.9AI score0.00385EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/12/14 3:53 p.m.32 views

CVE-2023-49820 WordPress Structured Content Plugin <= 1.5.3 is vulnerable to Cross Site Scripting (XSS)

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Gordon Böhme, Antonio Leutsch Structured Content JSON-LD wpsc allows Stored XSS.This issue affects Structured Content JSON-LD wpsc: from n/a through 1.5.3...

6.5CVSS6.6AI score0.00385EPSS
Exploits0References1
CVE
CVE
added 2023/12/14 3:53 p.m.71 views

CVE-2023-49820

CVE-2023-49820 is a stored XSS vulnerability in the WordPress plugin Structured Content (JSON-LD) #wpsc. Affected versions are

6.5CVSS6.7AI score0.00385EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2023/12/14 12:0 a.m.4 views

WordPress plugin and WordPress cross-site scripting vulnerabilities

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

6.5CVSS6AI score0.00385EPSS
Exploits0References2
WPVulnDB
WPVulnDB
added 2023/12/09 12:0 a.m.16 views

Structured Content < 1.6 - Contributor+ Stored XSS

Description The plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user...

6.5CVSS5.7AI score0.00385EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2023/12/05 12:0 a.m.9 views

WordPress Structured Content Plugin <= 1.5.3 is vulnerable to Cross Site Scripting (XSS)

Software Structured Content Type Plugin Vulnerable versions = 1.5.3 Fixed in 1.6 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-49820 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 4db95a68f57c Credits LVT-tholv2k Required privilege...

6.5CVSS6.6AI score0.00385EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/12/05 12:0 a.m.10 views

WordPress Structured Content Plugin <= 1.5.3 is vulnerable to PHP Object Injection

Software Structured Content Type Plugin Vulnerable versions = 1.5.3 Fixed in 1.6 OWASP Top 10 A3: Injection Classification PHP Object Injection CVE CVE-2023-49819 Patch priority Low CVSS severity Low 7.5 Developer Claim ownership PSID bffa4eda39b1 Credits LVT-tholv2k Required privilege Contributo...

9.8CVSS6.8AI score0.00746EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2023/01/23 3:15 p.m.16 views

Cross site scripting

The Structured Content WordPress plugin before 1.5.1 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high...

4.9CVSS5.3AI score0.00471EPSS
Exploits2References1Affected Software1
Cvelist
Cvelist
added 2023/01/23 2:31 p.m.25 views

CVE-2022-4715 Structured Content < 1.5.1 - Contributor+ Stored XSS in Shortcode

The Structured Content WordPress plugin before 1.5.1 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high...

5.5AI score0.00471EPSS
Exploits2References1
CVE
CVE
added 2023/01/23 2:31 p.m.41 views

CVE-2022-4715

The CVE concerns The Structured Content WordPress plugin, prior to version 1.5.1. The vulnerability stems from not validating/escaping certain shortcode attributes before echoing them, enabling Stored XSS when a user with as little as a contributor role views a page, potentially affecting higher-...

5.4CVSS5.3AI score0.00471EPSS
Exploits2References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/01/23 2:31 p.m.8 views

CVE-2022-4715 Structured Content < 1.5.1 - Contributor+ Stored XSS in Shortcode

The Structured Content WordPress plugin before 1.5.1 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high...

5.5AI score0.00471EPSS
Exploits2References1
CNNVD
CNNVD
added 2023/01/23 12:0 a.m.5 views

WordPress plugin The Structured Content 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

5.4CVSS5.4AI score0.00471EPSS
Exploits2References2
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.22 views

Apache JackRabbit 2.0.0 webapp XPath Injection

No description provided by source. Title: Apache JackRabbit webapp XPath Injection Author: ADEO Security Published: 11/08/2010 Version: 2.0.0 Possible all versions Vendor: http://www.apache.org Download: http://www.apache.org/dyn/closer.cgi/jackrabbit/2.0.0/jackrabbit-2.0.0-src.zip Description:...

7.1AI score
Exploits0
Rows per page
Query Builder