Cross-site Scripting (XSS) - Stored in GitHub repository go-gitea/gitea prior to 1.16.9.Read More ...
Continue ReadingMay 30, 2022
The HPB Dashboard WordPress plugin through 1.3.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even wh ...
Continue ReadingMay 30, 2022
The VikBooking Hotel Booking Engine & PMS WordPress plugin before 1.5.9 does not escape the current URL before putting it back in a JavaScript context, leading to a Reflected Cross-Site ScriptingR ...
Continue ReadingMay 30, 2022
The WP 2FA WordPress plugin before 2.2.1 does not sanitise and escape a parameter before outputting it back in an admin page, leading to a Reflected Cross-Site ScriptingRead More ...
Continue ReadingMay 30, 2022
The Poll Maker WordPress plugin before 4.0.2 does not sanitise and escape some settings, which could allow high privilege users such as admin to perform Store Cross-Site Scripting attack even when unf ...
Continue ReadingMay 30, 2022
The Easy FAQ with Expanding Text WordPress plugin through 3.2.8.3.1 does not sanitise and escape its settings, allowing high privilege users to perform Cross-Site Scripting attacks when unfiltered_htm ...
Continue ReadingMay 30, 2022
The No Future Posts WordPress plugin through 1.4 does not escape its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks when unfiltered_html is disa ...
Continue ReadingMay 30, 2022
The Slideshow WordPress plugin through 2.3.1 does not sanitize and escape some of its default slideshow settings, which could allow high-privileged users such as admin to perform Cross-Site Scripting ...
Continue ReadingMay 30, 2022
Back to Main