72 matches found
CVE-2024-11503
The WP Tabs WordPress plugin before 2.2.7 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
CVE-2024-11503 WP Tabs < 2.2.7 - Admin+ Stored XSS
The WP Tabs WordPress plugin before 2.2.7 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
CVE-2024-11503
WP Tabs for WordPress is affected by CVE-2024-11503: versions before 2.2.7 do not sanitise/escape certain settings, allowing stored XSS by high-privilege users (e.g., admins) even when unfiltered_html is disallowed (e.g., multisite). The issue is documented across NVD, Red Hat, CVE records, and r...
WordPress plugin WP Tabs 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...
CVE-2024-4096
The Responsive Tabs WordPress plugin through 4.0.8 does not sanitise and escape some of its Tab settings, which could allow high privilege users such as Contributors and above to perform Stored Cross-Site Scripting attacks...
WordPress Tabs For WPBakery Page Builder plugin <= 1.2 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by LVT-tholv2k Patchstack Alliance in WordPress Plugin Tabs For WPBakery Page Builder versions = 1.2...
WordPress Tabs plugin <= 4.0.6 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Jean Tirstan T Patchstack Alliance in WordPress Plugin Tabs versions = 4.0.6...
WordPress Tabs Plugin <= 4.0.6 is vulnerable to Cross Site Scripting (XSS)
Software Tabs Type Plugin Vulnerable versions = 4.0.6 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-37120 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID cca26fed23f5 Credits Jean Tirstan T Required privilege Administrator...
CVE-2023-52124
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ShapedPlugin LLC WP Tabs – Responsive Tabs Plugin for WordPress allows Stored XSS.This issue affects WP Tabs – Responsive Tabs Plugin for WordPress: from n/a through 2.2.0...
CVE-2023-52124 WordPress WP Tabs Plugin <= 2.2.0 is vulnerable to Cross Site Scripting (XSS)
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ShapedPlugin LLC WP Tabs – Responsive Tabs Plugin for WordPress allows Stored XSS.This issue affects WP Tabs – Responsive Tabs Plugin for WordPress: from n/a through 2.2.0...
CVE-2023-52124 WordPress WP Tabs Plugin <= 2.2.0 is vulnerable to Cross Site Scripting (XSS)
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ShapedPlugin LLC WP Tabs – Responsive Tabs Plugin for WordPress allows Stored XSS.This issue affects WP Tabs – Responsive Tabs Plugin for WordPress: from n/a through 2.2.0...
PT-2024-14421 · WordPress · Wp Tabs
Name of the Vulnerable Software and Affected Versions: WP Tabs – Responsive Tabs Plugin for WordPress versions prior to 2.2.0 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means...
CVE-2023-24409
Unauth. Reflected Cross-Site Scripting XSS vulnerability in I Thirteen Web Solution WP Responsive Tabs horizontal vertical and accordion Tabs plugin = 1.1.15 versions...
CVE-2023-25065
Cross-Site Request Forgery CSRF vulnerability in ShapedPlugin WP Tabs – Responsive Tabs Plugin for WordPress plugin = 2.1.14 versions...
CVE-2023-25065
CVE-2023-25065 reports a Cross-Site Request Forgery (CSRF) vulnerability in the WordPress plugin “WP Tabs – Responsive Tabs” (ShapedPlugin)
CVE-2023-25065 WordPress WP Tabs Plugin <= 2.1.14 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery CSRF vulnerability in ShapedPlugin WP Tabs – Responsive Tabs Plugin for WordPress plugin = 2.1.14 versions...
WordPress Plugin WP Tabs 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
CVE-2023-0071
The WP Tabs WordPress plugin before 2.1.17 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...
CVE-2023-0071 WP Tabs < 2.1.17 - Contributor+ Stored XSS
The WP Tabs WordPress plugin before 2.1.17 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...
CVE-2023-0071 WP Tabs < 2.1.17 - Contributor+ Stored XSS
The WP Tabs WordPress plugin before 2.1.17 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...