198 matches found
WordPress Form Maker by 10Web plugin <= 1.15.24 - Authenticated (Subscriber+) Stored Self-Based Cross-Site Scripting vulnerability
Authenticated Subscriber+ Stored Self-Based Cross-Site Scripting vulnerability discovered by stealthcopter in WordPress Plugin Form Maker by 10Web versions = 1.15.24...
WordPress plugin Form Maker by 10Web 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A security vulnerability exists in...
CVE-2024-32583
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Photo Gallery Team Photo Gallery by 10Web allows Reflected XSS.This issue affects Photo Gallery by 10Web: from n/a through 1.8.21...
CVE-2024-32578
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in 10Web Slider by 10Web allows Reflected XSS.This issue affects Slider by 10Web: from n/a through 1.2.54...
WordPress Plugin Slider by 10Web 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
PT-2024-24699 · 10Web · 10Web Slider
Name of the Vulnerable Software and Affected Versions: 10Web Slider by 10Web versions 1.2.54 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting. This allows for Reflected XSS. Recommendations: For versio...
PT-2024-24705 · 10Web · Photo Gallery
Name of the Vulnerable Software and Affected Versions: Photo Gallery by 10Web versions 1.8.21 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting. This allows for Reflected XSS. Recommendations: For...
WordPress Plugin Photo Gallery by 10Web 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting vulnerability...
CVE-2024-32534
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in 10Web Form Builder Team Form Maker by 10Web allows Stored XSS.This issue affects Form Maker by 10Web: from n/a through 1.15.23...
CVE-2024-2112
The Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.15.22 via the signature functionality. This makes it possible for unauthenticated attackers to extract sensitive...
WordPress Photo Gallery by 10Web plugin <= 1.8.21 - Authenticated (Admin+) Stored Cross-Site Scripting via SVG vulnerability
Authenticated Admin+ Stored Cross-Site Scripting via SVG vulnerability discovered by Jobert Krohnen in WordPress Plugin Photo Gallery by 10Web versions = 1.8.21...
PT-2024-15159 · 10Web · 10Web Ai Assistant
Name of the Vulnerable Software and Affected Versions: 10Web AI Assistant versions up to, and including, 1.0.18 Description: The issue allows authenticated attackers with subscriber-level access and above to install arbitrary plugins, potentially gaining further access to a compromised site. This...
WordPress plugin Photo Gallery by 10Web security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the...
WordPress plugin Form Maker by 10Web Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...
CVE-2023-5559
The 10Web Booster WordPress plugin before 2.24.18 does not validate the option name given to some AJAX actions, allowing unauthenticated users to delete arbitrary options from the database, leading to denial of service...
WordPress plugin 10Web Booster security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability in the WordPress...
CVE-2023-34375
Unauth. Reflected Cross-Site Scripting XSS vulnerability in 10Web SEO by 10Web plugin = 1.2.9 versions...
WordPress Plugin SEO by 10Web Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
The vulnerability of the SEO plugin developed by 10Web, a content management system for WordPress, allows attackers to perform cross-site scripting attacks.
The vulnerability of the SEO plugin of the 10Web content management system for WordPress is related to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks...
VulnCheck KEV: CVE-2023-5559
The 10Web Booster WordPress plugin before 2.24.18 does not validate the option name given to some AJAX actions, allowing unauthenticated users to delete arbitrary options from the database, leading to denial of service...