Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bootstrap vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2021-23472
This affects versions prior to 1.19.1 of package bootstrap-table. A type confusion vulnerability can lead to a bypass of input sanitization when the input provided to the escapeHTML function is an array (instead of a string) even if the escape attribute is set.
Bootstrap-table Bootstrap Table
3.5
CVSSv2
CVE-2022-1726
Bootstrap Tables XSS vulnerability with Table Export plug-in when exportOptions: htmlContent is true in GitHub repository wenzhixin/bootstrap-table before 1.20.2. Disclosing session cookies, disclosing secure session data, exfiltrating data to third-parties.
Bootstrap-table Bootstrap Table
NA
CVE-2022-4777
The Bootstrap Shortcodes WordPress plugin up to and including 3.4.0 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored...
Bootstrap Shortcodes Project Bootstrap Shortcodes
4.3
CVSSv2
CVE-2018-14041
In Bootstrap prior to 4.1.2, XSS is possible in the data-target property of scrollspy.
Getbootstrap Bootstrap
Getbootstrap Bootstrap 4.0.0
4 Github repositories
4.3
CVSSv2
CVE-2022-26624
Bootstrap v3.1.11 and v3.3.7 exists to contain a cross-site scripting (XSS) vulnerability via the Title parameter in /vendor/views/add_product.php.
Ecommerce Codeigniter Bootstrap Project Ecommerce Codeigniter Bootstrap -
1 Github repository
NA
CVE-2022-4834
The CPT Bootstrap Carousel WordPress plugin up to and including 1.12 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks whi...
Cpt Bootstrap Carousel Project Cpt Bootstrap Carousel
NA
CVE-2022-4576
The Easy Bootstrap Shortcode WordPress plugin up to and including 4.5.4 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks ...
Easy Bootstrap Shortcode Project Easy Bootstrap Shortcode
4.3
CVSSv2
CVE-2019-10215
Bootstrap-3-Typeahead after version 4.0.2 is vulnerable to a cross-site scripting flaw in the highlighter() function. An attacker could exploit this via user interaction to execute code in the user's browser.
Bootstrap-3-typeahead Project Bootstrap-3-typeahead
NA
CVE-2022-35213
Ecommerce-CodeIgniter-Bootstrap before commit 56465f exists to contain a cross-site scripting (XSS) vulnerability via the function base_url() at /blog/blogpublish.php.
Ecommerce-codeigniter-bootstrap Project Ecommerce-codeigniter-bootstrap
2 Github repositories
4.3
CVSSv2
CVE-2020-25088
Ecommerce-CodeIgniter-Bootstrap prior to 2020-08-03 allows XSS in application/modules/admin/views/blog/blogpublish.php.
Ecommerce-codeigniter-bootstrap Project Ecommerce-codeigniter-bootstrap
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
firmware
CVE-2006-4304
CVE-2024-32878
CVE-2024-31502
XSS
CVE-2024-3059
CVE-2024-33692
CVE-2024-3400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »