WordPress plugin Just TinyMCE Custom Styles 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site request...

WordPress Just TinyMCE Custom Styles plugin <= 1.2.1 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Nabil Irawan in WordPress Plugin Just TinyMCE Custom Styles versions = 1.2.1...

EUVD-2023-28059

Malicious code in bioql PyPI...

CVE-2023-23995

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Tim Reeves & David Stöckl TinyMCE Custom Styles plugin = 1.1.2 versions...

CVE-2023-2967

The TinyMCE Custom Styles WordPress plugin before 1.1.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

Cross site scripting

The TinyMCE Custom Styles WordPress plugin before 1.1.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2023-2967

The CVE-2023-2967 entry concerns the TinyMCE Custom Styles WordPress plugin (versions prior to 1.1.4). The connected sources confirm that the issue arises from insufficient sanitization/escaping of certain settings, enabling Stored Cross-Site Scripting by high-privilege users (e.g., admins) even ...

WordPress plugin TinyMCE Custom Styles 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site scripting vulnerability exists in the...

PT-2023-22355 · WordPress · Tinymce Custom Styles

Name of the Vulnerable Software and Affected Versions: TinyMCE Custom Styles WordPress plugin versions prior to 1.1.4 Description: The issue allows high privilege users, such as admins, to perform Stored Cross-Site Scripting attacks, even when the unfiltered html capability is disallowed, for...

CVE-2023-23995

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Tim Reeves & David Stöckl TinyMCE Custom Styles plugin = 1.1.2 versions...

CVE-2023-23995

CVE-2023-23995 affects the WordPress TinyMCE Custom Styles plugin (versions

CVE-2023-23995 WordPress TinyMCE Custom Styles Plugin <= 1.1.2 is vulnerable to Cross Site Scripting (XSS)

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Tim Reeves & David Stöckl TinyMCE Custom Styles plugin = 1.1.2 versions...

PT-2023-19344 · Unknown · Tinymce Custom Styles Plugin

Name of the Vulnerable Software and Affected Versions: Tim Reeves & David Stöckl TinyMCE Custom Styles plugin versions = 1.1.2 Description: The issue is related to a Stored Cross-Site Scripting XSS vulnerability that requires authentication with admin+ privileges. This vulnerability affects the T...

WordPress plugin TinyMCE Custom Styles 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...