67 matches found
PT-2024-17522 · WordPress · Beautiful Taxonomy Filters
Name of the Vulnerable Software and Affected Versions: The Beautiful taxonomy filters plugin for WordPress versions up to, and including, 2.4.3 Description: The issue is related to SQL Injection via the selects0term parameter due to insufficient escaping on the user-supplied parameter and lack of...
CVE-2023-7295
The Video Grid plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the searchterm parameter in versions up to, and including, 1.21 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts ...
WordPress plugin Video Grid 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
CVE-2023-2289
The wordpress vertical image slider plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘searchterm’ parameter in versions up to, and including, 1.2.16 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inje...
CVE-2023-2289
The wordpress vertical image slider plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘searchterm’ parameter in versions up to, and including, 1.2.16 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inje...
CVE-2023-2402
The Photo Gallery Slideshow & Masonry Tiled Gallery plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the searchterm parameter in versions up to, and including, 1.0.13 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated...
CVE-2023-2184
The WP Responsive Tabs horizontal vertical and accordion Tabs plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the searchterm parameter in versions up to, and including, 1.1.15 due to insufficient input sanitization and output escaping. This makes it possible for...
CVE-2023-2184
The WP Responsive Tabs horizontal vertical and accordion Tabs plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the searchterm parameter in versions up to, and including, 1.1.15 due to insufficient input sanitization and output escaping. This makes it possible for...
PT-2023-19363 · WordPress · The Photo Gallery Slideshow & Masonry Tiled Gallery
Name of the Vulnerable Software and Affected Versions: The Photo Gallery Slideshow & Masonry Tiled Gallery plugin for WordPress versions up to, and including, 1.0.13 Description: The issue arises from insufficient input sanitization and output escaping, making it possible for unauthenticated...
WordPress Plugin Team Circle Image Slider With Lightbox 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...
CVE-2023-2710
The video carousel slider with lightbox plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the searchterm parameter in versions up to, and including, 1.0.22 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to...
CVE-2023-2120
The Thumbnail carousel slider plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the searchterm parameter in versions up to, and including, 1.1.9 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...
CVE-2023-2120
The Thumbnail carousel slider plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the searchterm parameter in versions up to, and including, 1.1.9 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...
CVE-2023-2119
The Responsive Filterable Portfolio plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the searchterm parameter in versions up to, and including, 1.0.19 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...
CVE-2022-40119
Online Banking System v1.0 was discovered to contain a SQL injection vulnerability via the searchterm parameter at /net-banking/transactions.php...
CVE-2022-40120
Online Banking System v1.0 was discovered to contain a SQL injection vulnerability via the searchterm parameter at /net-banking/customertransactions.php...
PT-2022-25222 · Unknown · Online Banking System
Name of the Vulnerable Software and Affected Versions: Online Banking System version 1.0 Description: The issue is related to a SQL injection vulnerability. It can be exploited via the search term parameter at the "/net-banking/transactions.php" API endpoint. Recommendations: For Online Banking...
Online Banking System SQL注入漏洞
Online Banking System is an online banking system developed using PHP and MySQL. v1.0 of Online Banking System contains a security vulnerability that originates in the searchterm parameter in the /net-banking/transactions.php location. injection issue in the searchterm parameter at...
CVE-2021-45416
Reflected Cross-site scripting XSS vulnerability in RosarioSIS 8.2.1 allows attackers to inject arbitrary HTML via the searchterm parameter in the modules/Scheduling/Courses.php script...
CVE-2021-45416
Reflected Cross-site scripting XSS vulnerability in RosarioSIS 8.2.1 allows attackers to inject arbitrary HTML via the searchterm parameter in the modules/Scheduling/Courses.php script...