73 matches found
CVE-2024-10744
A vulnerability was found in PHPGurukul Online Shopping Portal 2.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/assets/plugins/DataTables/media/unittesting/templates/complexheader2.php. The manipulation of the argument scripts...
CVE-2024-8871
The Pricing Tables WordPress Plugin – Easy Pricing Tables plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 3.2.5. This makes it possible for unauthenticated attackers to...
CVE-2024-12772
The Ninja Tables WordPress plugin before 5.0.17 does not sanitize and escape a parameter before outputting it back in the page when importing a CSV, leading to a Cross Site Scripting vulnerability...
CVE-2023-1274
The Pricing Tables For WPBakery Page Builder formerly Visual Composer WordPress plugin before 3.0 does not validate some shortcode attributes before using them to generate paths passed to include function/s, allowing any authenticated users such as subscriber to perform LFI attacks...
CVE-2022-4654
The Pricing Tables WordPress Plugin WordPress plugin before 3.2.3 does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack...
CVE-2022-47137
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in WPManageNinja LLC Ninja Tables plugin = 4.3.4 versions...
CVE-2021-25098
The Pricing Tables WordPress Plugin WordPress plugin before 3.1.3 does not verify the CSRF nonce when removing posts, allowing attackers to make a logged in admin remove arbitrary posts from the blog via a CSRF attack, which will be put in the trash...
CVE-2015-9401
The websimon-tables plugin through 1.3.4 for WordPress has wp-admin/tools.php editstyle id XSS...
CVE-2017-18597
The jtrt-responsive-tables plugin before 4.1.2 for WordPress has SQL Injection via the admin/class-jtrt-responsive-tables-admin.php tableId parameter...
CVE-2024-12772
The Ninja Tables WordPress plugin before 5.0.17 does not sanitize and escape a parameter before outputting it back in the page when importing a CSV, leading to a Cross Site Scripting vulnerability...
WordPress plugin OS Pricing Tables 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
CVE-2024-8323
The Pricing Tables WordPress Plugin – Easy Pricing Tables plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘fontFamily’ attribute in all versions up to, and including, 3.2.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticat...
CVE-2024-8323
CVE-2024-8323 affects the Pricing Tables WordPress Plugin – Easy Pricing Tables (WordPress). The vulnerability is a Stored Cross-Site Scripting via the fontFamily attribute in all versions up to and including 3.2.6, exploitable by authenticated users with Contributor-level access or higher to inj...
CVE-2024-10757
A vulnerability, which was classified as problematic, has been found in PHPGurukul Online Shopping Portal 2.0. Affected by this issue is some unknown functionality of the file /admin/assets/plugins/DataTables/media/unittesting/templates/jsdata.php. The manipulation of the argument scripts leads t...
CVE-2024-10756
A vulnerability classified as problematic was found in PHPGurukul Online Shopping Portal 2.0. Affected by this vulnerability is an unknown functionality of the file /admin/assets/plugins/DataTables/media/unittesting/templates/htmltable.php. The manipulation of the argument scripts leads to cross...
PHPGurukul Online Shopping Portal 跨站脚本漏洞
Online Shopping Portal is an online store system. Online Shopping Portal suffers from a cross-site scripting vulnerability that originates in the parameter admin/assets/plugins/DataTables/media/unittesting/templates/domdatatwoheaders.php. scripts lack effective filtering and escaping of...
PHPGurukul Online Shopping Portal 跨站脚本漏洞
Online Shopping Portal is an online store. Online Shopping Portal suffers from a cross-site scripting vulnerability that originates from the parameter scripts in file /admin/assets/plugins/DataTables/media/unittesting/templates/complexheader2.php that is not validly filtered and escaped by...
WordPress plugin Pricing Tables WordPress Plugin – Easy Pricing Tables 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. WordPress plugin Pricing Tables WordPress Plugin - Eas...
PT-2024-39289 · WordPress · Pricing Tables Wordpress Plugin
Name of the Vulnerable Software and Affected Versions: Pricing Tables WordPress Plugin – Easy Pricing Tables plugin for WordPress versions up to, and including, 3.2.5 Description: The issue arises from the use of add query arg without proper escaping on the URL, leading to Reflected Cross-Site...
WordPress Pricing Tables WordPress Plugin – Easy Pricing Tables plugin <= 3.2.5 - Reflected Cross-Site Scripting vulnerability
Reflected Cross-Site Scripting vulnerability discovered by vgo0 in WordPress Plugin Easy Pricing Tables versions = 3.2.5...