2019 matches found
CVE-2024-47817 Unvalidated paragraph widget values can be used for Cross-site Scripting in lara-zeus
Lara-zeus Dynamic Dashboard simple way to manage widgets for your website landing page, and filament dashboard and Lara-zeus artemis is a collection of themes for the lara-zeus ecosystem. If values passed to a paragraph widget are not valid and contain a specific set of characters, applications a...
CVE-2024-44022 WordPress Review & testimonial widgets plugin <= 1.0.5 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Trustmary Review & testimonial widgets trustmary allows Stored XSS.This issue affects Review & testimonial widgets: from n/a through = 1.0.5...
PT-2024-30888 · Trustmary · Trustmary Review & Testimonial Widgets
Name of the Vulnerable Software and Affected Versions: Trustmary Review & testimonial widgets versions 1.0.0 through 1.0.5 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Stored XSS in...
CVE-2024-47643
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Alex Include Fussball.de Widgets include-fussball-de-widgets allows Stored XSS.This issue affects Include Fussball.de Widgets: from n/a through = 4.0.0...
CVE-2024-47643
CVE-2024-47643 affects WordPress plugin Include Fussball.de Widgets
CVE-2024-47643 WordPress Include Fussball.de Widgets plugin <= 4.0.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Alex Include Fussball.de Widgets include-fussball-de-widgets allows Stored XSS.This issue affects Include Fussball.de Widgets: from n/a through = 4.0.0...
CVE-2024-8486
The Shortcodes and extra features for Phlox theme plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘url’ parameter in the Modern Heading and Icon Picker widgets all versions up to, and including, 2.16.3 due to insufficient input sanitization and output escaping. This make...
CVE-2024-8486 Shortcodes and extra features for Phlox theme <= 2.16.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Modern Heading and Icon Picker Widgets
The Shortcodes and extra features for Phlox theme plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘url’ parameter in the Modern Heading and Icon Picker widgets all versions up to, and including, 2.16.3 due to insufficient input sanitization and output escaping. This make...
WordPress plugin Include Fussball.De Widgets 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...
PT-2024-32701 · Unknown · Fussball.De Widgets
Name of the Vulnerable Software and Affected Versions: Include Fussball.De Widgets versions through 4.0.0 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Stored XSS, where an attacker can...
WordPress Include Fussball.de Widgets plugin <= 4.0.0 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by stealthcopter Patchstack Alliance in WordPress Plugin Include Fussball.de Widgets versions = 4.0.0...
WordPress Include Fussball.de Widgets Plugin <= 4.0.0 is vulnerable to Cross Site Scripting (XSS)
Software Include Fussball.de Widgets Type Plugin Vulnerable versions = 4.0.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-47643 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID e228304d4067 Credits stealthcopter Required...
WordPress Classic Editor and Classic Widgets plugin <= 1.4.1 - SQL Injection vulnerability
SQL Injection vulnerability discovered by Hakiduck Patchstack Alliance in WordPress Plugin Classic Editor and Classic Widgets versions = 1.4.1...
WordPress Classic Editor and Classic Widgets Plugin <= 1.4.1 is vulnerable to SQL Injection
Software Classic Editor and Classic Widgets Type Plugin Vulnerable versions = 1.4.1 Fixed in 1.4.2 OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2024-47312 Patch priority High CVSS severity High 8.5 Developer Claim ownership PSID bea053e6b42c Credits Hakiduck Required privilege...
WordPress Review & testimonial widgets plugin <= 1.0.5 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by theviper17 Patchstack Alliance in WordPress Plugin Review & testimonial widgets versions = 1.0.5...
WordPress Review & testimonial widgets Plugin <= 1.0.5 is vulnerable to Cross Site Scripting (XSS)
Software Review & testimonial widgets Type Plugin Vulnerable versions = 1.0.5 Fixed in 1.0.10 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-44022 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID b905151529cd Credits theviper17 Required...
[SECURITY] Fedora 40 Update: python-notebook-7.2.2-1.fc40
The Jupyter Notebook is a web application that allows you to create and share documents that contain live code, equations, visualizations, and explanatory text. The Notebook has support for multiple programming languages, sharing, and interactive widgets...
CVE-2024-42020
A Cross-site-scripting XSS vulnerability exists in the Reporter Widgets that allows HTML injection...
CVE-2024-42020
A Cross-site-scripting XSS vulnerability exists in the Reporter Widgets that allows HTML injection...
CVE-2024-42020
A Cross-site-scripting XSS vulnerability exists in the Reporter Widgets that allows HTML injection...