CVE-2023-51487

Cross-Site Request Forgery CSRF vulnerability in ARI Soft ARI Stream Quiz.This issue affects ARI Stream Quiz: from n/a through 1.2.32...

CVE-2023-51487

Cross-Site Request Forgery CSRF vulnerability in ARI Soft ARI Stream Quiz.This issue affects ARI Stream Quiz: from n/a through 1.2.32...

PT-2024-14146 · Unknown · Ari Stream Quiz

Name of the Vulnerable Software and Affected Versions: ARI Stream Quiz versions 1.2.32 and earlier Description: A Cross-Site Request Forgery CSRF issue has been identified. This type of issue occurs when an application does not properly validate requests, allowing an attacker to trick a user into...

CVE-2023-47835

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ARI Soft ARI Stream Quiz – WordPress Quizzes Builder plugin = 1.2.32 versions...

WordPress ARI Stream Quiz Plugin <= 1.2.32 is vulnerable to Cross Site Scripting (XSS)

Software ARI Stream Quiz Type Plugin Vulnerable versions = 1.2.32 Fixed in 1.3.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-47835 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 60fc20d13481 Credits emad Required privilege Contributor...

WordPress plugin Form Builder CP 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

PT-2022-17449 · WordPress · Form Builder

Name of the Vulnerable Software and Affected Versions: Form Builder CP WordPress plugin versions prior to 1.2.32 Description: The issue allows high privilege users, such as admins, to perform Stored Cross-Site Scripting attacks. This is possible because some form settings are not properly sanitis...

WordPress plugin WooCommerce 路径遍历漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin. WordPress WooCommerce plugin versions prior to 1.2.32 are vulnerable to arbitrary file deletion, which stems...

CVE-2018-7543

Cross-site scripting XSS vulnerability in installer/build/view.step4.php of the SnapCreek Duplicator plugin 1.2.32 for WordPress allows remote attackers to inject arbitrary JavaScript or HTML via the json parameter...

PT-2018-18147

Name of the Vulnerable Software and Affected Versions SnapCreek Duplicator plugin version 1.2.32 Description The issue is related to a cross-site scripting XSS vulnerability. This vulnerability allows remote attackers to inject arbitrary JavaScript or HTML via the json parameter in the...

WordPress Duplicator Plugin Cross-Site Scripting Vulnerability

WordPress is a set of WordPress Software Foundation's blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in the WordPress Duplicator plugin version 1.2.32, which can be exploited by an...