Winters theme <= 1.4.3 - Reflected Cross-Site Scripting via Prototype Pollution

Description The theme does not properly sanitize user inputs nor escape output, leading to a reflected Cross-Site Scripting vulnerability via prototype pollution...

CVE-2023-3962

The Winters theme for WordPress is vulnerable to Reflected Cross-Site Scripting via prototype pollution in versions up to, and including, 1.4.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages...

CVE-2023-3962

The Winters theme for WordPress is vulnerable to Reflected Cross-Site Scripting via prototype pollution in versions up to, and including, 1.4.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages...

Cross site scripting

The Winters theme for WordPress is vulnerable to Reflected Cross-Site Scripting via prototype pollution in versions up to, and including, 1.4.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages...

CVE-2023-3962 Winters <= 1.4.3 - Prototype Pollution to Reflected Cross-Site Scripting

The Winters theme for WordPress is vulnerable to Reflected Cross-Site Scripting via prototype pollution in versions up to, and including, 1.4.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages...

CVE-2023-3962

The Winters theme for WordPress (Winters, WordPress) is affected by CVE-2023-3962: a Reflected Cross-Site Scripting vulnerability caused by prototype pollution and insufficient input sanitization/output escaping. It affects versions up to and including 1.4.3. Impact/ment is defined as an unauthen...

WordPress Plugin Winters Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...

PT-2023-27038 · WordPress · Winters Theme

Name of the Vulnerable Software and Affected Versions: Winters theme for WordPress versions up to, and including, 1.4.3 Description: The issue is related to Reflected Cross-Site Scripting via prototype pollution due to insufficient input sanitization and output escaping. This allows unauthenticat...

WordPress winters Theme <= 1.4.3 is vulnerable to Cross Site Scripting (XSS)

Software winters Type Theme Vulnerable versions = 1.4.3 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-3962 Patch priority Low CVSS severity Low 7.1 Developer Claim ownership PSID 303bf4cd5b63 Credits longxi Required privilege...

SuSE 10 Security Update : samba (ZYPP Patch Number 2556)

A logic error in the deferred open code can lead to an infinite loop in Samba's smbd daemon. CVE-2007-0452 In addition the following changes are included with these packages : - Move tdb utils to the client package. - The version string of binaries reported by the -V option now include the packag...