Page 2 of 7 results (0.001 seconds)

CVSS: 4.8EPSS: 0%CPEs: 1EXPL: 0

Authenticated (author or higher user role) Stored Cross-Site Scripting (XSS) vulnerability in Responsive Tabs (WordPress plugin) <= 4.0.5 Una vulnerabilidad de tipo Cross-Site Scripting (XSS) Almacenado Autenticado (autor o rol de usuario superior) en Responsive Tabs (plugin de WordPress) versiones anteriores a 4.0.5 incluyéndola • https://patchstack.com/database/vulnerability/responsive-tabs/wordpress-responsive-tabs-plugin-4-0-5-cross-site-scripting-xss-vulnerability https://wordpress.org/plugins/responsive-tabs • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 1

Unvalidated input and lack of output encoding in the Team Members WordPress plugin, versions before 5.0.4, lead to Cross-site scripting vulnerabilities allowing medium-privileged authenticated attacker (contributor+) to inject arbitrary web script or HTML via the 'Description/biography' of a member. Una entrada no comprobada y una falta de codificación de salida en el plugin de WordPress Team Members, versiones anteriores a 5.0.4, conllevan a vulnerabilidades de tipo Cross-site scripting que permiten a un atacante autenticado con privilegios medios (colaborador+) inyectar script web o HTML arbitrario por medio de la "Description/biography" de un miembro • https://wpscan.com/vulnerability/11dc3325-e696-4c9e-ba10-968416d5c864 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •