InfoSec News & Tutorials
NAME__________Simple Image Popup Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress Simple Image Popup Plugin for WordPress 1.3.6Risk Level:5.9Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Simple Image Popup Plugin for WordPress is vulnerable to cross-site scripting, caused…
NAME__________QuantumCloud AI ChatBot Plugin for WordPress cross-site scriptingPlatforms Affected:Risk Level:5.9Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________QuantumCloud AI ChatBot Plugin for WordPress is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A…
NAME__________JoomUnited WP Table Manager Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress JoomUnited WP Table Manager Plugin for WordPress 3.5.2Risk Level:5.9Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________JoomUnited WP Table Manager Plugin for WordPress is vulnerable to…
NAME__________Usersnap Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress Usersnap Plugin for WordPress 4.16Risk Level:5.9Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Usersnap Plugin for WordPress is vulnerable to cross-site scripting, caused by improper validation of user-supplied input.…
NAME__________Mega Main Menu Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress Mega Main Menu plugin for WordPress 2.2.2Risk Level:5.5Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Mega Main Menu Plugin for WordPress is vulnerable to cross-site scripting, caused…
NAME__________ProfilePress Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress ProfilePress Plugin for WordPress 4.5.3Risk Level:7.1Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________ProfilePress Plugin for WordPress is vulnerable to cross-site scripting, caused by improper validation of user-supplied input.…
NAME__________Image and Video Gallery with Thumbnails Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress Image and Video Gallery with Thumbnails Plugin for WordPress 2.0.1Risk Level:7.1Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Image and Video Gallery with Thumbnails…
NAME__________Daniel Powney Multi Rating with Thumbnails Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress Multi Rating plugin for WordPress 5.0.5Risk Level:7.1Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Daniel Powney Multi Rating with Thumbnails Plugin for WordPress is…
NAME__________Booking calendar, Appointment Booking System Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress WpDevArt Booking calendar Appointment Booking System Plugin for WordPress 3.2.3Risk Level:5.9Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Booking calendar, Appointment Booking System Plugin for…
NAME__________Mega Main Menu plugin for WordPress cross-site scriptingPlatforms Affected:Risk Level:5.5Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Mega Main Menu plugin for WordPress is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A…
NAME__________Media Library Categories Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress Media Library Categories Plugin for WordPress 1.9.9Risk Level:5.9Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Media Library Categories Plugin for WordPress is vulnerable to cross-site scripting, caused…
NAME__________Vira-Investing Investment Tracking System cross-site scriptingPlatforms Affected:Risk Level:6.1Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION__________Vira-Investing Investment Tracking System is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit…
NAME__________JetBrains TeamCity cross-site scriptingPlatforms Affected:Risk Level:4.6Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION__________JetBrains TeamCity is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the SSH keys page. A remote authenticated attacker…
NAME__________JetBrains Hub cross-site scriptingPlatforms Affected:Risk Level:4.6Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION__________JetBrains Hub is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by dashboards. A remote authenticated attacker could exploit this…
NAME__________JetBrains TeamCity cross-site scriptingPlatforms Affected:Risk Level:4.6Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION__________JetBrains TeamCity is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the Perforce connection settings. A remote authenticated attacker…
NAME__________JetBrains TeamCity cross-site scriptingPlatforms Affected:Risk Level:4.6Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION__________JetBrains TeamCity is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the Pending changes and Changes tabs. A remote…
NAME__________Xray Audit module for Drupal cross-site scriptingPlatforms Affected:Drupal Xray Audit module for Drupal 1.1.0Risk Level:5.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Xray Audit module for Drupal is vulnerable to cross-site scripting, caused by improper validation…
NAME__________Forcepoint Cloud Security Gateway cross-site scriptingPlatforms Affected:Risk Level:6.1Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Forcepoint Cloud Security Gateway is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the login_reset_request.mhtml modules. A…
NAME__________Forcepoint Cloud Security Gateway cross-site scriptingPlatforms Affected:Risk Level:6.1Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Forcepoint Cloud Security Gateway is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the login_reset_request.mhtml modules. A…
NAME__________Forcepoint Cloud Security Gateway cross-site scriptingPlatforms Affected:Risk Level:6.1Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Forcepoint Cloud Security Gateway is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the login_submit.mhtml modules. A…
NAME__________GoCD cross-site scriptingPlatforms Affected:GoCD GoCD 22.3.0Risk Level:5.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________GoCD is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the VSM and Job Details pages. A remote…
NAME__________Earnings and Expense Tracker App cross-site scriptingPlatforms Affected:Risk Level:3.5Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION__________Earnings and Expense Tracker App is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the Master.php?a=save_expense…
NAME__________Apache Archiva cross-site scriptingPlatforms Affected:Apache Archiva 2.2.10Risk Level:6.5Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Apache Archiva is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the file upload service. A remote…
NAME__________Young Entrepreneur E-Negosyo System cross-site scriptingPlatforms Affected:Risk Level:3.5Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Young Entrepreneur E-Negosyo System is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the bsenordering/admin/category/index.php script in…