9 matches found
CVE-2022-4580
The Twenty20 Image Before-After WordPress plugin through 1.5.9 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting...
CVE-2022-4580
The Twenty20 Image Before-After WordPress plugin through 1.5.9 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting...
Cross site scripting
The Twenty20 Image Before-After WordPress plugin through 1.5.9 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting...
CVE-2022-4580 Twenty20 Image Before-After <= 1.5.9 - Contributor+ Stored XSS
The Twenty20 Image Before-After WordPress plugin through 1.5.9 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting...
CVE-2022-4580
CVE-2022-4580 affects Twenty20 Image Before-After WordPress plugin versions up to 1.5.9. The vulnerability is a Stored XSS due to insufficient validation/escaping of shortcode attributes, enabling a contributor or higher to inject script when the shortcode is rendered in a post/page. The connecte...
WordPress plugin Twenty20 Image Before-After 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...
PT-2023-14755 · WordPress · Twenty20 Image Before-After
Name of the Vulnerable Software and Affected Versions: Twenty20 Image Before-After WordPress plugin versions 1.5.9 and earlier Description: The issue concerns the Twenty20 Image Before-After WordPress plugin, which does not properly validate and escape some of its shortcode attributes before...
WordPress Twenty20 Image Before-After Plugin <= 1.7.2 is vulnerable to Cross Site Scripting (XSS)
Software Twenty20 Image Before-After Type Plugin Vulnerable versions = 1.7.2 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2022-4580 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID d082c511a4c8 Credits István...
ICC Twenty20 World Cup 2012 website Hacked !
ICC Twenty20 World Cup 2012 website Hacked ! Hacked site link :...