2142 matches found
CVE-2023-6500
The Shariff Wrapper plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'shariff' shortcode in all versions up to, and including, 4.6.9 due to insufficient input sanitization and output escaping on user supplied attributes such as 'secondarycolor' and 'maincolor'...
CVE-2023-6500
The Shariff Wrapper plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'shariff' shortcode in all versions up to, and including, 4.6.9 due to insufficient input sanitization and output escaping on user supplied attributes such as 'secondarycolor' and 'maincolor'...
WordPress Plugin Shariff Wrapper 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...
WordPress Plugin Shariff Wrapper 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...
WordPress Plugin Shariff Wrapper 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...
CVE-2024-29109
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Jan-Peter Lambeck & 3UU Shariff Wrapper allows Stored XSS.This issue affects Shariff Wrapper: from n/a through 4.6.10...
CVE-2024-29109
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Jan-Peter Lambeck & 3UU Shariff Wrapper allows Stored XSS.This issue affects Shariff Wrapper: from n/a through 4.6.10...
CVE-2024-29109 WordPress Shariff Wrapper plugin <= 4.6.10 - Contributor+ Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Jan-Peter Lambeck & 3UU Shariff Wrapper allows Stored XSS.This issue affects Shariff Wrapper: from n/a through 4.6.10...
CVE-2024-29109
The CVE-2024-29109 entry affects the WordPress Shariff Wrapper plugin, with vulnerable versions listed as n/a through 4.6.10. The root cause is improper neutralization of input during web page generation, resulting in Stored XSS. The issue explicitly impacts Shariff Wrapper versions up to 4.6.10;...
CVE-2024-29109 WordPress Shariff Wrapper plugin <= 4.6.10 - Contributor+ Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Jan-Peter Lambeck & 3UU Shariff Wrapper allows Stored XSS.This issue affects Shariff Wrapper: from n/a through 4.6.10...
WordPress Plugin Shariff Wrapper Cross-Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...
PT-2024-22729 · Jan Peter Lambeck & 3Uu · Shariff Wrapper
Name of the Vulnerable Software and Affected Versions: Shariff Wrapper versions n/a through 4.6.10 Description: The issue affects Jan-Peter Lambeck & 3UU Shariff Wrapper, allowing Stored XSS due to improper neutralization of input during web page generation. This is a Cross-site Scripting...
WordPress Shariff Wrapper Plugin <= 4.6.10 is vulnerable to Cross Site Scripting (XSS)
Software Shariff Wrapper Type Plugin Vulnerable versions = 4.6.10 Fixed in 4.6.11 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-29109 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID db40643f0a75 Credits Ngô Thiên An ancorn from VNPT-VCI...
CVE-2024-2286
The Sky Addons for Elementor Free Templates Library, Live Copy, Animations, Post Grid, Post Carousel, Particles, Sliders, Chart plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the wrapper link URL value in all versions up to, and including, 2.4.0 due to insufficient input...
CVE-2024-0326
The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Link Wrapper functionality in all versions up to, and including, 4.10.17 due to insufficient input sanitization and output escaping on user supplied links. This makes it possible fo...
PT-2024-15472 · WordPress · Premium Addons For Elementor
Name of the Vulnerable Software and Affected Versions: Premium Addons for Elementor plugin for WordPress versions up to, and including, 4.10.17 Description: The issue is related to Stored Cross-Site Scripting via the plugin's Link Wrapper functionality due to insufficient input sanitization and...
WordPress Plugin Premium Addons for Elementor Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, which supports personal blog sites on PHP and MySQL servers.WordPress plugin is an...
CVE-2023-6500 Shariff Wrapper <= 4.6.9 - Authenticated(Contributor+) Stored Cross-Site Scripting via Shortcode
The Shariff Wrapper plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'shariff' shortcode in all versions up to, and including, 4.6.9 due to insufficient input sanitization and output escaping on user supplied attributes such as 'secondarycolor' and 'maincolor'...
CVE-2023-6500 Shariff Wrapper <= 4.6.9 - Authenticated(Contributor+) Stored Cross-Site Scripting via Shortcode
The Shariff Wrapper plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'shariff' shortcode in all versions up to, and including, 4.6.9 due to insufficient input sanitization and output escaping on user supplied attributes such as 'secondarycolor' and 'maincolor'...
CVE-2023-6500
The CVE-2023-6500 entry refers to the Shariff Wrapper WordPress plugin vulnerable to a Stored Cross-Site Scripting (XSS) via the shariff shortcode in all versions up to and including 4.6.9. The root cause is insufficient input sanitization and output escaping on user-supplied attributes (e.g., se...