EUVD-2014-4447

Malware in sbrugna...

CVE-2024-3754

The Alemha watermarker WordPress plugin through 1.3.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2024-3754

CVE-2024-3754 affects Alemha Watermarker WordPress plugin ≤ 1.3.1. Root cause: the plugin does not sanitize/escape certain settings, enabling a Stored XSS by high-privilege users (e.g., admins) even when unfiltered_html is restricted (e.g., multisite). Impact: stored script execution in the admin...

CVE-2024-3754 Alemha Watermarker <= 1.3.1 - Author+ Stored XSS

The Alemha watermarker WordPress plugin through 1.3.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2024-3754 Alemha Watermarker <= 1.3.1 - Author+ Stored XSS

The Alemha watermarker WordPress plugin through 1.3.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

PT-2024-27638 · WordPress · Alemha Watermarker

Name of the Vulnerable Software and Affected Versions: Alemha watermarker WordPress plugin versions 1.3.1 and earlier Description: The issue allows high privilege users, such as admins, to perform Stored Cross-Site Scripting attacks, even when the unfiltered html capability is disallowed, for...

WordPress plugin Alemha watermarker security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A security vulnerability...

WordPress Alemha Watermarker plugin <= 1.3.1 - Authenticated Stored Cross-Site Scripting vulnerability

Authenticated Stored Cross-Site Scripting vulnerability discovered by Erdemstar in WordPress Plugin Alemha watermarker versions = 1.3.1...

WordPress Alemha watermarker Plugin <= 1.3.1 is vulnerable to Cross Site Scripting (XSS)

Software Alemha watermarker Type Plugin Vulnerable versions = 1.3.1 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-3754 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID fe01f090b53e Credits Erdemstar Required...

Alemha Watermarker <= 1.3.1 - Author+ Stored XSS

Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup PoC 1. As an "author" level user, add ...

Alemha Watermarker <= 1.3.1 - Author+ Stored XSS

Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup 1. As an "author" level user, add a ne...

Wordpress Alemha Watermarker 1.3.1 Plugin - Stored Cross-Site Scripting Vulnerability

Exploit Title: Wordpress Plugin Alemha Watermarker 1.3.1 - Stored Cross-Site Scripting XSS Exploit Author: Erdemstar Vendor: https://wordpress.com/ Version: 1.3.1 Proof Of Concept: 1. Click Add New Watermark and enter the XSS payload into the Watermark Text. 2. Stored XSS will run on anyone who...

WordPress Alemha Watermarker 1.3.1 Cross Site Scripting

Exploit Title: Wordpress Plugin Alemha Watermarker 1.3.1 - Stored Cross-Site Scripting XSS Date: 22 March 2024 Exploit Author: Erdemstar Vendor: https://wordpress.com/ Version: 1.3.1 Proof Of Concept: 1. Click Add New Watermark and enter the XSS payload into the Watermark Text. 2. Stored XSS will...

Wordpress Plugin Alemha Watermarker 1.3.1 - Stored Cross-Site Scripting (XSS)

Exploit Title: Wordpress Plugin Alemha Watermarker 1.3.1 - Stored Cross-Site Scripting XSS Date: 22 March 2024 Exploit Author: Erdemstar Vendor: https://wordpress.com/ Version: 1.3.1 Proof Of Concept: 1. Click Add New Watermark and enter the XSS payload into the Watermark Text. 2. Stored XSS will...

Dmca Watermarker < 1.1 - XSS

The DMCA WaterMarker WordPress plugin was affected by a XSS security vulnerability...

CVE-2014-4520

Cross-site scripting XSS vulnerability in phprack.php in the DMCA WaterMarker plugin before 1.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the plugindir parameter...

Cross site scripting

Cross-site scripting XSS vulnerability in phprack.php in the DMCA WaterMarker plugin before 1.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the plugindir parameter...

CVE-2014-4520

Cross-site scripting XSS vulnerability in phprack.php in the DMCA WaterMarker plugin before 1.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the plugindir parameter...

CVE-2014-4520

The DMCA WaterMarker WordPress plugin is affected by CVE-2014-4520: XSS in phprack.php via the plugin_dir parameter in versions before 1.1. Remote attackers can inject arbitrary script/HTML. Documented across NVD, WPVulnDB, and CVE listings. Remediation: update to version 1.1 or apply vendor patc...

WordPress DMCA WaterMarker Plugin <= 1.0 - XSS

Because of this vulnerability in phprack.php, the attackers can inject arbitrary web script or HTML. Solution Update the plugin...