Security
Headlines
HeadlinesLatestCVEs

Tag

#xss

RHSA-2023:2100: Red Hat Security Advisory: Red Hat Integration Camel for Spring Boot 3.20.1 security update

Red Hat Integration Camel for Spring Boot 3.20.1 release and security update is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-37533: A flaw was found in Apache Commons Net's FTP, where the client trusts the host from PASV response by default. A malicious server could redirect the Commons Net code to use a different host, but the user has to connect to the malicious server in the first place. This issue could lead to leakage of information about service...

Red Hat Security Data
Open in Source
#sql#xss#vulnerability#web#linux#red_hat#dos#apache#js#java#rce#xpath#ssrf#auth#ssl
CVE-2023-23820: WordPress ProfilePress plugin <= 4.5.4 - Cross Site Scripting (XSS) vulnerability - Patchstack

Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in ProfilePress Membership Team ProfilePress plugin <= 4.5.4 versions.

CVE-2023-23708: WordPress Visualizer: Tables and Charts Manager for WordPress plugin <= 3.9.4 - Cross Site Scripting (XSS) vulnerability - Patchstack

Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Themeisle Visualizer: Tables and Charts Manager for WordPress plugin <= 3.9.4 versions.

CVE-2023-22713: WordPress Gutenberg Blocks by WordPress Download Manager plugin <= 2.1.8 - Cross Site Scripting (XSS) vulnerability - Patchstack

Auth. (contributor+) Cross-Site Scripting (XSS) vulnerability in WordPress Download Manager Gutenberg Blocks by WordPress Download Manager plugin <= 2.1.8 versions.

CVE-2023-25796: WordPress WP BaiDu Submit plugin <= 1.2.1 - Cross Site Scripting (XSS) vulnerability - Patchstack

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Include WP BaiDu Submit plugin <= 1.2.1 versions.

CVE-2023-25798: WordPress Olevmedia Shortcodes plugin <= 1.1.9 - Cross Site Scripting (XSS) vulnerability - Patchstack

Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Olevmedia Olevmedia Shortcodes plugin <= 1.1.9 versions.

CVE-2023-25786: WordPress Eyes Only: User Access Shortcode plugin <= 1.8.2 - Cross Site Scripting (XSS) - Patchstack

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Thom Stark Eyes Only: User Access Shortcode plugin <= 1.8.2 versions.

CVE-2023-25787: WordPress WP资源下载管理 plugin <= 1.3.9 - Cross Site Scripting (XSS) vulnerability - Patchstack

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Wbolt team WP?????? plugin <= 1.3.9 versions.

CVE-2023-25797: WordPress vSlider Multi Image Slider for WordPress plugin <= 4.1.2 - Cross Site Scripting (XSS) - Patchstack

Auth. Stored Cross-Site Scripting (XSS) vulnerability in Mr.Vibe vSlider Multi Image Slider for WordPress plugin <= 4.1.2 versions.

CVE-2023-25784: WordPress Sticky Ad Bar Plugin plugin <= 1.3.1 - Cross Site Scripting (XSS) - Patchstack

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Bon Plan Gratos Sticky Ad Bar plugin <= 1.3.1 versions.