Vulnerabilities > Datenverwurstungszentrale
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-06-15 | CVE-2024-2695 | Cross-site Scripting vulnerability in Datenverwurstungszentrale Shariff Wrapper The Shariff Wrapper plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'shariff' shortcode in all versions up to, and including, 4.6.13 due to insufficient input sanitization and output escaping on user supplied attributes such as 'borderradius' and 'timestamp'. | 5.4 |
| 2024-03-21 | CVE-2024-0966 | Cross-site Scripting vulnerability in Datenverwurstungszentrale Shariff Wrapper The Shariff Wrapper plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'shariff' shortcode in all versions up to, and including, 4.6.9 due to insufficient input sanitization and output escaping on user supplied attributes like 'info_text'. | 5.4 |
| 2024-03-21 | CVE-2024-1450 | Cross-site Scripting vulnerability in Datenverwurstungszentrale Shariff Wrapper The Shariff Wrapper plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'shariff' shortcode in all versions up to, and including, 4.6.10 due to insufficient input sanitization and output escaping on user supplied attributes such as 'align'. | 5.4 |
| 2024-03-21 | CVE-2023-6500 | Cross-site Scripting vulnerability in Datenverwurstungszentrale Shariff Wrapper The Shariff Wrapper plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'shariff' shortcode in all versions up to, and including, 4.6.9 due to insufficient input sanitization and output escaping on user supplied attributes such as 'secondarycolor' and 'maincolor'. | 5.4 |
| 2024-03-19 | CVE-2024-29109 | Unspecified vulnerability in Datenverwurstungszentrale Shariff Wrapper Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jan-Peter Lambeck & 3UU Shariff Wrapper allows Stored XSS.This issue affects Shariff Wrapper: from n/a through 4.6.10. | 5.4 |