
12 matches found

RedhatCVE
added 2025/05/23 6:23 a.m. · 4 views

CVE-2024-9934

The Wp-ImageZoom WordPress plugin through 1.1.0 does not sanitise and escape some parameters before outputting them back in a page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

6.1 CVSS · 6.1 AI score · 0.00317 EPSS
Exploits 1 · References 1

Cvelist
added 2024/11/06 6:0 a.m. · 18 views

CVE-2024-9934 Wp-ImageZoom <= 1.1.0 - Reflected XSS

The Wp-ImageZoom WordPress plugin through 1.1.0 does not sanitise and escape some parameters before outputting them back in a page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

0.00317 EPSS
Exploits 1 · References 1

Vulnrichment
added 2024/11/06 6:0 a.m. · 8 views

CVE-2024-9934 Wp-ImageZoom <= 1.1.0 - Reflected XSS

The Wp-ImageZoom WordPress plugin through 1.1.0 does not sanitise and escape some parameters before outputting them back in a page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

5.8 AI score · 0.00317 EPSS
Exploits 1 · References 1

CVE
added 2024/11/06 6:0 a.m. · 56 views

CVE-2024-9934

Summary: CVE-2024-9934 affects the WordPress plugin Wp-ImageZoom ≤ 1.1.0. The issue is a Reflected Cross-Site Scripting caused by not sanitising/escaping certain parameters before echoing them in a page, potentially exploitable against high-privilege users (e.g., admin). Root cause: insufficient ...

6.1 CVSS · 6 AI score · 0.00317 EPSS
Exploits 1 · References 1 · Affected Software 1

Patchstack
added 2024/11/06 12:0 a.m. · 11 views

WordPress Wp-ImageZoom Plugin <= 1.1.0 is vulnerable to Cross Site Scripting (XSS)

Software Wp-ImageZoom Type Plugin Vulnerable versions = 1.1.0 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-9934 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 48857c949d4e Credits Mohammad Nikouei Requir...

6.1 CVSS · 5.9 AI score · 0.00317 EPSS
Exploits 1 · References 2 · Affected Software 1

Positive Technologies
added 2024/11/05 12:0 a.m. · 2 views

PT-2024-39949 · WordPress · Wp Image Zoom

Name of the Vulnerable Software and Affected Versions: Wp-ImageZoom WordPress plugin versions prior to 1.1.1 Description: The Wp-ImageZoom WordPress plugin does not sanitise and escape some parameters before outputting them back in a page, leading to a Reflected Cross-Site Scripting issue. This...

6.1 CVSS · 5.7 AI score · 0.00317 EPSS
Exploits 1 · References 7

exploitpack
added 2015/06/08 12:0 a.m. · 15 views

WordPress Plugin Wp-ImageZoom 1.1.0 - Multiple Vulnerabilities

WordPress Plugin Wp-ImageZoom 1.1.0 - Multiple Vulnerabilities Exploit Title: wp-imagezoom Remote Image Upload Google Dork: filetype:php inurl:"/wp-content/plugins/wp-imagezoom" & inurl:"?id=" Date: 06.06.2015 Exploit Author: T3N38R15 Software Link:...

0.2 AI score
Exploits 0

WPVulnDB
added 2014/08/01 10:58 a.m. · 10 views

Wp-ImageZoom - zoom.php id Parameter SQL Injection

The Wp-ImageZoom WordPress plugin was affected by a zoom.php id Parameter SQL Injection security vulnerability...

2.8 AI score
Exploits 0 · References 2 · Affected Software 1

exploitpack
added 2012/11/26 12:0 a.m. · 11 views

WordPress Theme Wp-ImageZoom - id SQL Injection

WordPress Theme Wp-ImageZoom - id SQL Injection source: https://www.securityfocus.com/bid/56691/info The Wp-ImageZoom theme for WordPress is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. An attacker can exploi...

8.7 AI score
Exploits 0

Exploit DB
added 2012/11/26 12:0 a.m. · 27 views

WordPress Theme Wp-ImageZoom - 'id' SQL Injection

source: https://www.securityfocus.com/bid/56691/info The Wp-ImageZoom theme for WordPress is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. An attacker can exploit this issue to compromise the application, acce...

7.4 AI score
Exploits 0

exploitpack
added 2012/06/18 12:0 a.m. · 8 views

WordPress Plugin Wp-ImageZoom - file Remote File Disclosure

WordPress Plugin Wp-ImageZoom - file Remote File Disclosure source: https://www.securityfocus.com/bid/54058/info Wp-ImageZoom for WordPress is prone to a remote file-disclosure vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to...

0.1 AI score
Exploits 0

WPVulnDB
added 2012/06/18 12:0 a.m. · 7 views

Wp-ImageZoom <= 1.0.4 - File Disclosure

The Wp-ImageZoom WordPress plugin was affected by a File Disclosure security vulnerability...

1.9 AI score
Exploits 0 · References 4 · Affected Software 1