4 matches found
WordPress Better Post & Filter Widgets for Elementor plugin <= 1.6.1 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Abu Hurayra Patchstack Alliance in WordPress Plugin Better Post & Filter Widgets for Elementor versions = 1.6.1...
WordPress Burst Statistics Plugin <= 1.5.3 is vulnerable to SQL Injection
Software Burst Statistics Type Plugin Vulnerable versions = 1.5.3 Fixed in 1.5.4 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2024-0405 Patch priority Low CVSS severity Low 7.6 Developer Claim ownership PSID 5b21f7530708 Credits Ivan Spiridonov xbz0n Required privilege Editor...
CVE-2018-8899
IdentityServer IdentityServer4 1.x before 1.5.3 and 2.x before 2.1.3 does not encode the redirect URI on the authorization response page, which might lead to XSS in some configurations...
TYPO3 Security Bulletin
It has been discovered that the extension powermail powermail is vulnerable to Cross-Site Scripting, SQL Injection and Validation Bypass Component Type: Third party extension. This extension is not a part of the TYPO3 default installation. Affected Versions: Version 1.5.3 and below Vulnerability...