92 matches found
CVE-2022-46861
CVE-2022-46861 describes an Authenticated Stored Cross-Site Scripting (XSS) in the WordPress plugin Login Page Styler (Zia Imtiaz) for WordPress, affecting versions up to and including 6.2. The root cause is insufficient sanitization/escaping of inputs, enabling an admin+ user to inject scripts t...
Wordpress plugin Login Page Styler 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...
WordPress Login Page Styler Plugin <= 6.2 is vulnerable to Cross Site Scripting (XSS)
Software Login Page Styler Type Plugin Vulnerable versions = 6.2 Fixed in 6.2.5 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2022-46861 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID c713b1568697 Credits Justiice Required...
WordPress Pagination Styler for WooCommerce Plugin <= 3.5.7.6 is vulnerable to Broken Access Control
Software Pagination Styler for WooCommerce Type Plugin Vulnerable versions = 3.5.7.6 Fixed in 3.5.7.7 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2022-45813 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 9700cfe7197b Credits István...
Spectra < 1.15.0 - Contributor+ Stored Cross-Side Scripting
The plugin does not sanitize user input as it reaches its style HTML attribute, allowing contributors to conduct stored XSS attacks via the plugin's Gutenberg blocks. Note: The exploit requires the Contact Form 7 plugin. Exploit Additional CSS classes for “Contact Form 7 Styler” Gutenberg block: ...
CVE-2021-4280 styler_praat_scripts Slash file_segmenter.praat denial of service
A vulnerability was found in stylerpraatscripts. It has been classified as problematic. Affected is an unknown function of the file filesegmenter.praat of the component Slash Handler. The manipulation leads to denial of service. It is possible to launch the attack remotely. The name of the patch ...
PT-2022-11694 · Unknown · Styler Praat Scripts
Name of the Vulnerable Software and Affected Versions: styler praat scripts affected versions not specified Description: A vulnerability was found in styler praat scripts, classified as problematic. It affects an unknown function of the file file segmenter.praat of the component Slash Handler,...
WordPress Grid & Styler For Contact Form 7 And Divi plugin <= 1.4.0 - Sensitive Information Disclosure vulnerability
Sensitive Information Disclosure vulnerability discovered in WordPress Grid & Styler For Contact Form 7 And Divi plugin versions = 1.4.0. Solution Update the WordPress Grid & Styler For Contact Form 7 And Divi plugin to the latest available version at least 1.4.1...
WordPress Design for Contact Form 7 Style WordPress Plugin – CF7 WOW Styler plugin < 1.4.2 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability
Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress Design for Contact Form 7 Style WordPress Plugin – CF7 WOW Styler plugin versions 1.4.2. Solution Update the WordPress Design for Contact Form 7 Style WordPress Plugin – CF7 WOW Styler plugin to the...
Cross-site scripting vulnerability in wordpress plugin text-styler
WordPress is a set of WordPress Software Foundation's blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. The wordpress plugin text-styler has a cross-site scripting vulnerability due to improper filtering of user input, which allo...
joomlacontent-sql.txt
------------------------------------------------------------------------------------------- Joomla Component comcontent SQL Injection Vulnerabity ------------------------------------------------------------------------------------------- Author : unknownstyler Dork : inurl:comcontent POC :...
PT-2005-2892 · Silvercity · Silvercity
Name of the Vulnerable Software and Affected Versions: SilverCity versions prior to 0.9.5-r1 Description: The issue allows local users to execute arbitrary code due to the installation of certain files with read and write world permissions. The affected files include cgi-styler-form.py,...