CVE-2024-1427

The The Post Grid – Shortcode, Gutenberg Blocks and Elementor Addon for Post Grid plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the section title tag attribute in all versions up to, and including, 7.7.1 due to insufficient input sanitization and output escaping on user...

WordPress plugin The Post Grid cross-site scripting vulnerability

WordPress and the WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

WordPress The Post Grid Plugin <= 7.7.1 is vulnerable to Cross Site Scripting (XSS)

Software The Post Grid Type Plugin Vulnerable versions = 7.7.1 Fixed in 7.7.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-35739 Patch priority Low CVSS severity Low 6.5 Developer Mamunur Rashid PSID 3801d97a66a9 Credits SouzaZinn Required privilege Contributor...

CVE-2023-41798

A vulnerability in wpWax Directorist directorist.This issue affects Directorist: from n/a through = 7.7.1...

WordPress Directorist Plugin <= 7.7.1 is vulnerable to CSV Injection

Software Directorist Type Plugin Vulnerable versions = 7.7.1 Fixed in 7.7.2 OWASP Top 10 A1: Injection Classification CSV Injection CVE CVE-2023-41798 Patch priority Low CVSS severity Low 5.1 Developer Claim ownership PSID 305b807eea54 Credits Rafshanzani Suhada Required privilege Editor Publishe...

Intel® HAXM Advisory

Summary: A potential security vulnerability in the Intel® Hardware Accelerated Execution Manager HAXM software may allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2022-21812 Description: Improper access...

LogicalDOC Enterprise 7.7.4 - Directory Traversal Vulnerability

Exploit for java platform in category web applications LogicalDOC Enterprise 7.7.4 Multiple Directory Traversal Vulnerabilities Vendor: LogicalDOC Srl Product web page: https://www.logicaldoc.com Affected version: 7.7.4 7.7.3 7.7.2 7.7.1 7.6.4 7.6.2 7.5.1 7.4.2 7.1.1 Summary: LogicalDOC is a free...

Juniper Networks Mobility System Software - &#039;/aaa/wba_login.html&#039; Cross-Site Scripting

source: https://www.securityfocus.com/bid/54075/info Mobility System Software is prone to a cross-site scripting vulnerability because it fails to sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the conte...

Juniper Networks Mobility System Software - aaawba_login.html Cross-Site Scripting

Juniper Networks Mobility System Software - aaawbalogin.html Cross-Site Scripting source: https://www.securityfocus.com/bid/54075/info Mobility System Software is prone to a cross-site scripting vulnerability because it fails to sanitize user-supplied input. An attacker may leverage this issue to...