Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
DatenverwurstungszentraleShariff Wrapper

7 matches found

CVE
CVEadded 2024/02/27 9:15 a.m.5720 views

CVE-2024-1106

The Shariff Wrapper WordPress plugin before 4.6.10 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)

6.1CVSS5.7AI score0.00193EPSS
CVE
CVEadded 2024/03/19 3:15 p.m.50 views

CVE-2024-29109

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jan-Peter Lambeck & 3UU Shariff Wrapper allows Stored XSS.This issue affects Shariff Wrapper: from n/a through 4.6.10.

6.5CVSS6.4AI score0.00051EPSS
CVE
CVEadded 2024/06/20 7:15 a.m.49 views

CVE-2024-4098

The Shariff Wrapper plugin for WordPress is vulnerable to Local File Inclusion in versions up to, and including, 4.6.13 via the shariff3uu_fetch_sharecounts function. This allows unauthenticated attackers to include and execute arbitrary files on the server, allowing the execution of any PHP code i...

9.8CVSS10AI score0.03147EPSS
CVE
CVEadded 2024/06/15 9:15 a.m.38 views

CVE-2024-2695

The Shariff Wrapper plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'shariff' shortcode in all versions up to, and including, 4.6.13 due to insufficient input sanitization and output escaping on user supplied attributes such as 'borderradius' and 'timestamp'. This...

6.4CVSS5.9AI score0.00064EPSS
CVE
CVEadded 2024/03/21 2:50 a.m.37 views

CVE-2023-6500

The Shariff Wrapper plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'shariff' shortcode in all versions up to, and including, 4.6.9 due to insufficient input sanitization and output escaping on user supplied attributes such as 'secondarycolor' and 'maincolor'. Thi...

6.4CVSS7.6AI score0.00094EPSS
CVE
CVEadded 2024/03/21 2:51 a.m.32 views

CVE-2024-0966

The Shariff Wrapper plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'shariff' shortcode in all versions up to, and including, 4.6.9 due to insufficient input sanitization and output escaping on user supplied attributes like 'info_text'. This makes it possible for ...

6.4CVSS7.7AI score0.00109EPSS
CVE
CVEadded 2024/03/21 2:51 a.m.30 views

CVE-2024-1450

The Shariff Wrapper plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'shariff' shortcode in all versions up to, and including, 4.6.10 due to insufficient input sanitization and output escaping on user supplied attributes such as 'align'. This makes it possible for ...

6.4CVSS7.6AI score0.00109EPSS