Lucene search
K

11 matches found

OSV
OSV
added 2024/01/11 9:15 a.m.5 views

CVE-2023-4962

The Video PopUp plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'videopopup' shortcode in versions up to, and including, 1.1.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with...

5.4CVSS7AI score0.0044EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/01/11 8:32 a.m.5 views

CVE-2023-4962 Video PopUp <= 1.1.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

The Video PopUp plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'videopopup' shortcode in versions up to, and including, 1.1.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with...

6.4CVSS6.8AI score0.0044EPSS
Exploits0References3
CVE
CVE
added 2024/01/11 8:32 a.m.50 views

CVE-2023-4962

CVE-2023-4962 affects the Video PopUp WordPress plugin (video-popup) up to version 1.1.3. Description: stored XSS via the video_popup shortcode due to insufficient input sanitization/output escaping; authenticated attackers with contributor+ can inject scripts that run for users on affected pages...

6.4CVSS5.2AI score0.0044EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2024/01/11 8:32 a.m.20 views

CVE-2023-4962 Video PopUp <= 1.1.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

The Video PopUp plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'videopopup' shortcode in versions up to, and including, 1.1.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with...

6.4CVSS5.8AI score0.0044EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/01/11 12:0 a.m.5 views

WordPress Plugin Video PopUp Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

6.4CVSS5.9AI score0.0044EPSS
Exploits0References4
WPVulnDB
WPVulnDB
added 2023/11/25 12:0 a.m.12 views

Video PopUp < 1.1.4 - Contributor+ Stored XSS via Shortcode

Description The plugin does not validate and escape some of its videopopup shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

6.4CVSS8.2AI score0.0044EPSS
Exploits0References1Affected Software1
Openbugbounty
Openbugbounty
added 2018/07/12 2:27 p.m.22 views

dermlasersurgery.com XSS vulnerability

Open Bug Bounty ID: OBB-645684 Description| Value ---|--- Affected Website:| dermlasersurgery.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Exploits0
Openbugbounty
Openbugbounty
added 2018/07/12 2:19 p.m.19 views

sbplasticsurgery.com XSS vulnerability

Open Bug Bounty ID: OBB-645676 Description| Value ---|--- Affected Website:| sbplasticsurgery.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Exploits0
Openbugbounty
Openbugbounty
added 2018/07/12 2:2 p.m.13 views

breastreconstructionhelp.com XSS vulnerability

Open Bug Bounty ID: OBB-645667 Description| Value ---|--- Affected Website:| breastreconstructionhelp.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Exploits0
Openbugbounty
Openbugbounty
added 2018/07/12 2:0 p.m.16 views

rhinoplasty-usa.com XSS vulnerability

Open Bug Bounty ID: OBB-645664 Description| Value ---|--- Affected Website:| rhinoplasty-usa.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Exploits0
Openbugbounty
Openbugbounty
added 2018/03/03 5:18 a.m.13 views

php.bildungs.tv XSS vulnerability

Open Bug Bounty ID: OBB-572986 Description| Value ---|--- Affected Website:| php.bildungs.tv Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

6.2AI score
Exploits0
Rows per page
Query Builder