91 matches found
WordPress 4.2.3-4.8.1 - Authenticated Cross-Site Scripting (XSS) in Visual Editor
Description A cross-site scripting XSS vulnerability was discovered in the visual editor. Reported by Rodolfo Assis @brutelogic of Sucuri Security...
Cross site scripting
Before version 4.8.2, WordPress was vulnerable to a cross-site scripting attack via shortcodes in the TinyMCE visual editor...
DEBIAN-CVE-2017-14726
Before version 4.8.2, WordPress was vulnerable to a cross-site scripting attack via shortcodes in the TinyMCE visual editor...
CVE-2017-14726
CVE-2017-14726 affects WordPress up to version 4.8.1; a cross-site scripting (XSS) vulnerability exists through shortcodes in the TinyMCE visual editor. Exploitation could occur in contexts where crafted shortcodes are processed by the editor, enabling an attacker to inject arbitrary HTML/JavaScr...
CVE-2017-14726
Before version 4.8.2, WordPress was vulnerable to a cross-site scripting attack via shortcodes in the TinyMCE visual editor. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...
WordPress Visual Editor Cross-Site Scripting Vulnerability
WordPress is a set of WordPress Software Foundation's blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in the WordPress visual editor. A remote attacker can exploit this vulnerability ...
WordPress <=4.8.1 - Cross-Site Scripting (XSS) vulnerability (visual editor)
Cross-Site Scripting XSS vulnerability found by Rodolfo Assis in WordPress visual editor version 4.8.1 and earlier versions. Solution Update the WordPress to the latest available version at least 4.8.2...
FreeBSD : wordpress -- 2 XSS vulnerabilities (d86890da-f498-11e4-99aa-bcaec565249c)
Samuel Sidler reports : The Genericons icon font package, which is used in a number of popular themes and plugins, contained an HTML file vulnerable to a cross-site scripting attack. All affected themes and plugins hosted on WordPress.org including the Twenty Fifteen default theme have been updat...
wordpress -- 2 cross-site scripting vulnerabilities
Samuel Sidler reports: The Genericons icon font package, which is used in a number of popular themes and plugins, contained an HTML file vulnerable to a cross-site scripting attack. All affected themes and plugins hosted on WordPress.org including the Twenty Fifteen default theme have been update...
idev Game Site CMS v1.0 - Multiple Web Vulnerabilites
Title: ====== idev Game Site CMS v1.0 - Multiple Web Vulnerabilites Date: ===== 2012-04-08 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=494 VL-ID: ===== 494 Introduction: ============= Start your own Flash web game website. Search engine optimized. Embed your Adsense...
Kindeditor traverse the directory 0DAY-vulnerability warning-the black bar safety net
Author: sub - ↘meter Version: 3.4.2 Description: KindEditor is an open source HTML visual editor, mainly used to allow users on the site to get WYSIWYG editing effects, compatible with IE, Firefox, Chrome, Safari, Opera and other mainstream browser. KindEditor using JavaScript, you can seamlessly...