Lucene search
K

72 matches found

NVD
NVD
added 2025/03/25 6:15 a.m.11 views

CVE-2024-11503

The WP Tabs WordPress plugin before 2.2.7 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

6.1CVSS0.00257EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/03/25 6:0 a.m.19 views

CVE-2024-11503 WP Tabs < 2.2.7 - Admin+ Stored XSS

The WP Tabs WordPress plugin before 2.2.7 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

0.00257EPSS
Exploits1References1
CVE
CVE
added 2025/03/25 6:0 a.m.66 views

CVE-2024-11503

WP Tabs for WordPress is affected by CVE-2024-11503: versions before 2.2.7 do not sanitise/escape certain settings, allowing stored XSS by high-privilege users (e.g., admins) even when unfiltered_html is disallowed (e.g., multisite). The issue is documented across NVD, Red Hat, CVE records, and r...

6.1CVSS5.8AI score0.00257EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2025/03/25 12:0 a.m.4 views

WordPress plugin WP Tabs 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

6.1CVSS6AI score0.00257EPSS
Exploits1References3
OSV
OSV
added 2024/07/30 6:15 a.m.6 views

CVE-2024-4096

The Responsive Tabs WordPress plugin through 4.0.8 does not sanitise and escape some of its Tab settings, which could allow high privilege users such as Contributors and above to perform Stored Cross-Site Scripting attacks...

5.9CVSS5.8AI score0.0043EPSS
Exploits1References1
Patchstack
Patchstack
added 2024/07/09 4:32 p.m.7 views

WordPress Tabs For WPBakery Page Builder plugin <= 1.2 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by LVT-tholv2k Patchstack Alliance in WordPress Plugin Tabs For WPBakery Page Builder versions = 1.2...

6.5CVSS5.8AI score0.00275EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/06/20 10:18 a.m.6 views

WordPress Tabs plugin <= 4.0.6 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Jean Tirstan T Patchstack Alliance in WordPress Plugin Tabs versions = 4.0.6...

5.9CVSS6.1AI score0.00276EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/06/20 12:0 a.m.20 views

WordPress Tabs Plugin <= 4.0.6 is vulnerable to Cross Site Scripting (XSS)

Software Tabs Type Plugin Vulnerable versions = 4.0.6 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-37120 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID cca26fed23f5 Credits Jean Tirstan T Required privilege Administrator...

5.9CVSS6.6AI score0.00276EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2024/01/05 12:15 p.m.2 views

CVE-2023-52124

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ShapedPlugin LLC WP Tabs – Responsive Tabs Plugin for WordPress allows Stored XSS.This issue affects WP Tabs – Responsive Tabs Plugin for WordPress: from n/a through 2.2.0...

5.4CVSS7.3AI score0.00303EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/01/05 11:17 a.m.15 views

CVE-2023-52124 WordPress WP Tabs Plugin <= 2.2.0 is vulnerable to Cross Site Scripting (XSS)

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ShapedPlugin LLC WP Tabs – Responsive Tabs Plugin for WordPress allows Stored XSS.This issue affects WP Tabs – Responsive Tabs Plugin for WordPress: from n/a through 2.2.0...

6.5CVSS6.7AI score0.00303EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/01/05 11:17 a.m.2 views

CVE-2023-52124 WordPress WP Tabs Plugin <= 2.2.0 is vulnerable to Cross Site Scripting (XSS)

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ShapedPlugin LLC WP Tabs – Responsive Tabs Plugin for WordPress allows Stored XSS.This issue affects WP Tabs – Responsive Tabs Plugin for WordPress: from n/a through 2.2.0...

6.5CVSS6.7AI score0.00303EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/01/05 12:0 a.m.5 views

PT-2024-14421 · WordPress · Wp Tabs

Name of the Vulnerable Software and Affected Versions: WP Tabs – Responsive Tabs Plugin for WordPress versions prior to 2.2.0 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means...

6.5CVSS6.2AI score0.00303EPSS
Exploits0References4
OSV
OSV
added 2023/08/08 12:15 p.m.3 views

CVE-2023-24409

Unauth. Reflected Cross-Site Scripting XSS vulnerability in I Thirteen Web Solution WP Responsive Tabs horizontal vertical and accordion Tabs plugin = 1.1.15 versions...

6.1CVSS7.3AI score0.00382EPSS
Exploits0References1
NVD
NVD
added 2023/02/14 12:15 p.m.18 views

CVE-2023-25065

Cross-Site Request Forgery CSRF vulnerability in ShapedPlugin WP Tabs – Responsive Tabs Plugin for WordPress plugin = 2.1.14 versions...

8.8CVSS6.5AI score0.00255EPSS
Exploits0References1
CVE
CVE
added 2023/02/14 11:6 a.m.63 views

CVE-2023-25065

CVE-2023-25065 reports a Cross-Site Request Forgery (CSRF) vulnerability in the WordPress plugin “WP Tabs – Responsive Tabs” (ShapedPlugin)

8.8CVSS7.2AI score0.00255EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/02/14 11:6 a.m.25 views

CVE-2023-25065 WordPress WP Tabs Plugin <= 2.1.14 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in ShapedPlugin WP Tabs – Responsive Tabs Plugin for WordPress plugin = 2.1.14 versions...

5.4CVSS9.1AI score0.00255EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/02/14 12:0 a.m.7 views

WordPress Plugin WP Tabs 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

8.8CVSS8AI score0.00255EPSS
Exploits0References2
OSV
OSV
added 2023/01/30 9:15 p.m.3 views

CVE-2023-0071

The WP Tabs WordPress plugin before 2.1.17 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

5.4CVSS6.1AI score0.00534EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2023/01/30 8:31 p.m.8 views

CVE-2023-0071 WP Tabs < 2.1.17 - Contributor+ Stored XSS

The WP Tabs WordPress plugin before 2.1.17 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

5.3AI score0.00534EPSS
Exploits2References1
Cvelist
Cvelist
added 2023/01/30 8:31 p.m.27 views

CVE-2023-0071 WP Tabs < 2.1.17 - Contributor+ Stored XSS

The WP Tabs WordPress plugin before 2.1.17 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

5.5AI score0.00534EPSS
Exploits2References1
Rows per page
Query Builder