Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
text vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-26539
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Max Chirkov Advanced Text Widget plugin <= 2.1.2 versions.
Advanced Text Widget Project Advanced Text Widget
4.3
CVSSv2
CVE-2014-4604
Cross-site scripting (XSS) vulnerability in settings/pwsettings.php in the Your Text Manager plugin 0.3.0 and previous versions for WordPress allows remote malicious users to inject arbitrary web script or HTML via the ytmpw parameter.
Your-text-manager Project Your-text-manager
5.4
CVSSv2
CVE-2014-5714
The Text Me! Free Texting & Call (aka com.textmeinc.textme) application 2.5.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle malicious users to spoof servers and obtain sensitive information via a crafted certificate.
Go-text Text Me\\! Free Texting \\& Call 2.5.5
4.3
CVSSv2
CVE-2008-3367
Cross-site scripting (XSS) vulnerability in RTE_popup_link.asp in Web Wiz Rich Text Editor (RTE) 3.x and 4.x prior to 4.03 allows remote malicious users to inject arbitrary web script or HTML via the email parameter.
Webwizguide Web Wiz Rich Text Editor
Webwizguide Web Wiz Rich Text Editor 3
Webwizguide Web Wiz Rich Text Editor 4.0
Webwizguide Web Wiz Rich Text Editor 4.01
3.5
CVSSv2
CVE-2015-20019
The Content text slider on post WordPress plugin prior to 6.9 does not sanitise and escape the Title and Message/Content settings, which could lead to Cross-Site Scripting issues
Content Text Slider On Post Project Content Text Slider On Post
3.5
CVSSv2
CVE-2022-1395
The Easy FAQ with Expanding Text WordPress plugin up to and including 3.2.8.3.1 does not sanitise and escape its settings, allowing high privilege users to perform Cross-Site Scripting attacks when unfiltered_html is disallowed
Easy Faq With Expanding Text Project Easy Faq With Expanding Text
NA
CVE-2021-38561
golang.org/x/text/language in golang.org/x/text prior to 0.3.7 can panic with an out-of-bounds read during BCP 47 language tag parsing. Index calculation is mishandled. If parsing untrusted user input, this can be used as a vector for a denial-of-service attack.
Golang Text
NA
CVE-2022-32149
An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse.
Golang Text
5
CVSSv2
CVE-2020-28852
In x/text in Go before v0.3.5, a "slice bounds out of range" panic occurs in language.ParseAcceptLanguage while processing a BCP 47 tag. (x/text/language is supposed to be able to parse an HTTP Accept-Language header.)
Golang Text
NA
CVE-2023-5817
The Neon text plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's neontext_box shortcode in all versions up to, and including, 1.1 due to insufficient input sanitization and output escaping on user supplied attributes (color). This makes it pos...
Eralion Neon Text
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »