5 matches found
CVE-2019-1010034
WebLibrarian plugin for WordPress (Deepwoods Software) versions 3.5.2 and earlier are affected by a SQL Injection in the AllBarCodes function (database_code.php:1018). The vulnerability can be triggered by any logged-in user with at least Volunteer role or manage_circulation capabilities, potenti...
CVE-2017-18538
CVE-2017-18538 affects the WordPress WebLibrarian plugin prior to 3.4.8.5. The vulnerability is an XSS via front-end shortcodes in the plugin’s web interface, as described by multiple sources (Red Hat, NVD, CVE listings, and WPVulnDB). Impact details consistently indicate client-side script execu...
CVE-2017-18540
The CVE-2017-18540 affects the WordPress WebLibrarian plugin prior to version 3.4.8.7. The vulnerability is XSS via front-end short codes, allowing possible client-side code execution. Affected software: WebLibrarian WordPress plugin
CVE-2023-29441
The CVE-2023-29441 entry covers an unauthenticated Reflected Cross-Site Scripting (XSS) vulnerability in the WebLibrarian WordPress plugin. Affected versions are WebLibrarian <= 3.5.8.1 (with later notes/applications showing coverage up to
CVE-2017-18539
The CVE-2017-18539 entry concerns the WordPress WebLibrarian plugin. Affected component: weblibrarian plugin (WordPress) prior to version 3.4.8.6. Root cause: cross-site scripting (XSS) via front-end short codes. Impact: attacker can execute client-side code; exact impact details are described ac...