CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-2967 – TinyMCE Custom Styles < 1.1.4 - Admin+ Stored Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2023-2967
The TinyMCE Custom Styles WordPress plugin before 1.1.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup). The TinyMCE Custom Styles plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in versions up to, and including, 1.1.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrative-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled. • https://wpscan.com/vulnerability/9afec4aa-1210-4c40-b566-64e37acf2b64 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0CVE-2023-23995 – WordPress TinyMCE Custom Styles Plugin <= 1.1.2 is vulnerable to Cross Site Scripting (XSS)
https://notcve.org/view.php?id=CVE-2023-23995
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Tim Reeves & David Stöckl TinyMCE Custom Styles plugin <= 1.1.2 versions. The TinyMCE Custom Styles plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in versions up to, and including, 1.1.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrative-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled. • https://patchstack.com/database/vulnerability/tinymce-custom-styles/wordpress-tinymce-custom-styles-plugin-1-1-2-cross-site-scripting-xss-vulnerability?_s_id=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-1217 – Custom TinyMCE Shortcode Button <= 1.1 - Reflected Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2022-1217
The Custom TinyMCE Shortcode Button WordPress plugin through 1.1 does not sanitise and escape the PHP_SELF variable before outputting it back in an attribute in an admin page, leading to Reflected Cross-Site Scripting. El plugin Custom TinyMCE Shortcode Button de WordPress versiones hasta 1.1, no sanea ni escapa de la variable PHP_SELF antes de devolverla a un atributo en una página de administración, conllevando a un ataque de tipo Cross-Site Scripting Reflejado • https://wpscan.com/vulnerability/15875f52-7a49-44c7-8a36-b49ddf37c20c • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 3CVE-2012-4230 – TinyMCE 3.5.8 Cross Site Scripting
https://notcve.org/view.php?id=CVE-2012-4230
The bbcode plugin in TinyMCE 3.5.8 does not properly enforce the TinyMCE security policy for the (1) encoding directive and (2) valid_elements attribute, which allows attackers to conduct cross-site scripting (XSS) attacks via application-specific vectors, as demonstrated using a textarea element. El plugin bbcode en TinyMCE 3.5.8 no refuerza debidamente TinyMCE Security Policy para el (1) directivo de codificación y (2) atributo valid_elements, lo que permite a atacantes remotos realizar ataques de XSS a través de vectores de aplicación especifica, tal y como fue demostrado utilizando un elemento textarea. TinyMCE version 3.5.8 suffers from a cross site scripting vulnerability. • http://osvdb.org/91130 http://packetstormsecurity.com/files/120750/TinyMCE-3.5.8-Cross-Site-Scripting.html http://seclists.org/fulldisclosure/2013/Mar/114 http://www.madirish.net/554 http://www.securityfocus.com/bid/58424 https://exchange.xforce.ibmcloud.com/vulnerabilities/82744 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.5EPSS: 92%CPEs: 41EXPL: 9CVE-2011-4825 – aidiCMS 3.55 - 'ajax_create_folder.php' Remote Code Execution
https://notcve.org/view.php?id=CVE-2011-4825
Static code injection vulnerability in inc/function.base.php in Ajax File and Image Manager before 1.1, as used in tinymce before 1.4.2, phpMyFAQ 2.6 before 2.6.19 and 2.7 before 2.7.1, and possibly other products, allows remote attackers to inject arbitrary PHP code into data.php via crafted parameters. Vulnerabilidad de inyección de código estático en inc/function.base.php de Ajax File y Image Manager en versiones anteriores a 1.1, tal como se usa en tinymce en versiones anteriores a 1.4.2, phpMyFAQ 2.6 anteriores a 2.6.19 y 2.7 anteriores a 2.7.1, y posiblemente otros productos, permite a atacantes remotos inyectar código arbitrario PHP en data.php a través de parámetros modificados. • https://www.exploit-db.com/exploits/18085 https://www.exploit-db.com/exploits/18075 https://www.exploit-db.com/exploits/18151 https://www.exploit-db.com/exploits/18975 https://www.exploit-db.com/exploits/18084 https://www.exploit-db.com/exploits/18083 http://www.exploit-db.com/exploits/18075 http://www.phpletter.com/en/DOWNLOAD/1 http://www.phpmyfaq.de/advisory_2011-10-25.php http://www.securityfocus.com/bid/50523 http://www.zenphoto.org/trac/ticket/2005& • CWE-94: Improper Control of Generation of Code ('Code Injection') •