The Ninja Forms – The Contact Form Builder That Grows With You plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the calculations parameter in all versions up to, and including, 3.8.19 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
The Ninja Forms WordPress plugin before 3.8.11 does not escape an URL before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin
The Ninja Forms - File Uploads Extension WordPress plugin is vulnerable to reflected cross-site scripting due to missing sanitization of the files filename parameter found in the ~/includes/ajax/controllers/uploads.php file which can be used by unauthenticated attackers to add malicious web scripts to vulnerable WordPress sites, in versions up to and including 3.3.12.
The Ninja Forms - File Uploads plugin for WordPress is vulnerable to Stored Cross-Site Scripting via an uploaded file (e.g. RTX file) in all versions up to, and including, 3.3.16 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
The Ninja Forms Contact Form WordPress plugin before 3.6.22 does not properly escape user input before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Saturday Drive Ninja Forms Contact Form plugin <= 3.6.25 versions.
In the Ninja Forms Contact Form WordPress plugin before 3.4.34, the wp_ajax_nf_oauth_connect AJAX action was vulnerable to open redirect due to the use of a user supplied redirect parameter and no protection in place.
The ninja-forms plugin before 3.4.24.2 for WordPress allows CSRF with resultant XSS.
Multiple cross-site scripting (XSS) vulnerabilities in the Ninja Forms plugin before 2.8.9 for WordPress allow (1) remote attackers to inject arbitrary web script or HTML via the ninja_forms_field_1 parameter in a ninja_forms_ajax_submit action to wp-admin/admin-ajax.php or (2) remote administrators to inject arbitrary web script or HTML via the fields[1] parameter to wp-admin/post.php.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Saturday Drive Ninja Forms allows Stored XSS.This issue affects Ninja Forms: from n/a through 3.8.16.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Saturday Drive Ninja Forms allows Stored XSS.This issue affects Ninja Forms: from n/a through 3.8.16.
The Ninja Forms Contact Form WordPress plugin before 3.6.34 does not sanitize and escape its label fields, which could allow high privilege users such as admin to perform Stored XSS attacks. Only users with the unfiltered_html capability can perform this, and such users are already allowed to use JS in posts/comments etc however the vendor acknowledged and fixed the issue
The Ninja Forms Contact Form WordPress plugin before 3.6.10 does not sanitize and escape some imported data, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.
The Ninja Forms Contact Form WordPress plugin before 3.6.10 does not sanitise and escape field labels, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.
The Ninja Forms Contact Form WordPress plugin before 3.5.8.2 does not sanitise and escape the custom class name of the form field created, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.
The Ninja Forms – The Contact Form Builder That Grows With You plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the use of a templating engine in all versions up to, and including, 3.10.2.1 due to insufficient output escaping on user data passed through the template. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Saturday Drive Ninja Forms allows Stored XSS.This issue affects Ninja Forms: from n/a through 3.8.11.
The Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via an image title embedded into a form in all versions up to, and including, 3.8.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
The Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.8.0. This is due to missing or incorrect nonce validation on the nf_download_all_subs AJAX action. This makes it possible for unauthenticated attackers to trigger an export of a form's submission to a publicly accessible location via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
The Ninja Forms – The Contact Form Builder That Grows With You plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode in all versions up to, and including, 3.8.24 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
The Ninja Forms WordPress plugin before 3.10.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).
The Ninja Forms WordPress plugin before 3.10.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).
The Ninja Forms WordPress plugin before 3.10.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Saturday Drive's Ninja Forms Contact Form plugin <= 3.6.9 at WordPress via "label".
The Ninja Forms plugin before 3.2.14 for WordPress has XSS.
The Ninja Forms plugin 3.4.22 for WordPress has Multiple Stored XSS vulnerabilities via ninja_forms[recaptcha_site_key], ninja_forms[recaptcha_secret_key], ninja_forms[recaptcha_lang], or ninja_forms[date_format].
The Kudos Donations – Easy donations and payments with Mollie plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 's' parameter in all versions up to, and including, 3.2.9 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
GLPI stands for Gestionnaire Libre de Parc Informatique and is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing. Information associated to registration key are not properly escaped in registration key configuration page. They can be used to steal a GLPI administrator cookie. Users are advised to upgrade to 10.0.3. There are no known workarounds for this issue. ### Workarounds Do not use a registration key created by an untrusted person.
Settings.aspx?view=About in Directum 5.8.2 allows XSS via the HTTP User-Agent header.
Dify is an open-source LLM app development platform. Prior to 1.13.0, a cross site scripting vulnerability has been found in the web application chat frontend when using echarts. User or llm inputs containing echarts containing a specific javascript payload will be executed. This vulnerability is fixed in 1.13.0.
The Media Library Assistant plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘smc_settings_tab', 'unattachfixit-action', and 'woofixit-action’ parameters in all versions up to, and including, 3.23 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
The Payments Plugin and Checkout Plugin for WooCommerce: Stripe, PayPal, Square, Authorize.net plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 1.112.0. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
Cross-site Scripting (XSS) vulnerability in firmware section of Secomea GateManager allows logged in user to inject javascript in browser session. This issue affects: Secomea GateManager Version 9.6.621421014 and all prior versions.
Helpy v2.1.0 has Stored XSS via the Ticket title.
kkFileView v4.1.0 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities via the urls and currentUrl parameters at /controller/OnlinePreviewController.java.
The Download HTML TinyMCE Button WordPress plugin through 1.2 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin.
SAP NetWeaver Enterprise Portal does - versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, not sufficiently encode user-controlled inputs over the network, resulting in reflected Cross-Site Scripting (XSS) vulnerability, therefore changing the scope of the attack. This leads to limited impact on confidentiality and integrity of data.
The Plugin Oficial WordPress plugin through 1.7.3 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against only unauthenticated users.
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Yordam Informatics Library Automation System allows Reflected XSS.This issue affects Library Automation System: before 21.6.
1CDN is open-source file sharing software. In 1CDN before commit f88a2730fa50fc2c2aeab09011f6f142fd90ec25, there is a basic cross-site scripting vulnerability that allows an attacker to inject /<script>//code</script> and execute JavaScript code on the client side.
The Easy Voice Mail plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘message’ parameter in all versions up to, and including, 1.2.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Administrator-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Adobe ColdFusion Update 5 and earlier versions, ColdFusion 11 Update 13 and earlier versions have an exploitable Cross-Site Scripting vulnerability. Successful exploitation could lead to information disclosure.
The personal-authors-category plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the URL path in all versions up to, and including, 0.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
Collabora Online is a collaborative online office suite. A reflected XSS vulnerability was found in Collabora Online prior to version 6.4.9-5. An attacker could inject unescaped HTML into a variable as they created the Collabora Online iframe, and execute scripts inside the context of the Collabora Online iframe. This would give access to a small set of user settings stored in the browser, as well as the session's authentication token which was also passed in at iframe creation time. The issue is patched in Collabora Online 6.4.9-5. Collabora Online 4.2 is not affected.
The LiteSpeed Cache plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via URLs in all versions up to, and including, 7.5.0.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
esdoc-publish-html-plugin is a plugin for the document maintenance software ESDoc. TheHTML sanitizer in esdoc-publish-html-plugin 1.1.2 and prior can be bypassed which may lead to cross-site scripting (XSS) issues. There are no known patches for this issue.
The WP Social Ninja – Embed Social Feeds, Customer Reviews, Chat Widgets plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 3.20.3 due to insufficient input sanitization and output escaping on externally-sourced content. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page, granted they can post malicious content to a connected Google Business Profile or Facebook page.
Cross-site Scripting (XSS) in UebiMiau 2.7.11 and earlier allows remote attackers to inject arbitrary web script or HTML via the "selected_theme" parameter in error.php.
Cockpit is a content management system that allows addition of content management functionality to any site. In versions 0.12.2 and prior, bad HTML sanitization in `htmleditor.js` may lead to cross-site scripting (XSS) issues. There are no known patches for this issue.
A Cross-site scripting (XSS) vulnerability in the DocumentAction component of U.S. National Security Agency (NSA) Emissary 5.9.0 allows remote attackers to inject arbitrary web script or HTML via the uuid parameter.