Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
toolbar vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-3611
The Toolbar Extras for Elementor & More – WordPress Admin Bar Enhanced plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'tbex-version' shortcode in all versions up to, and including, 1.4.9 due to insufficient input saniti...
NA
CVE-2024-32540
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Web357 Fixed HTML Toolbar allows Stored XSS.This issue affects Fixed HTML Toolbar: from n/a up to and including 1.0.7.
NA
CVE-2024-1894
The Burst Statistics – Privacy-Friendly Analytics for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'burst_total_pageviews_count' custom meta field in all versions up to, and including, 1.5.6.1 due to insufficient input saniti...
NA
CVE-2023-6389
The WordPress Toolbar WordPress plugin up to and including 2.2.6 redirects to any URL via the "wptbto" parameter. This makes it possible for unauthenticated malicious users to redirect users to potentially malicious sites if they can successfully trick them into perform...
Abhinavsingh Wordpress Toolbar
NA
CVE-2022-2163
Use after free in Cast UI and Toolbar in Google Chrome before 103.0.5060.134 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via UI interaction.
Google Chrome
Fedoraproject Extra Packages For Enterprise Linux 8.0
Fedoraproject Fedora 35
Fedoraproject Fedora 36
605
VMScore
CVE-2022-1918
The ToolBar to Share plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.0. This is due to missing nonce validation on the plugin_toolbar_comparte page. This makes it possible for unauthenticated malicious users to update the plugi...
Toolbar To Share Project Toolbar To Share
383
VMScore
CVE-2021-38264
Cross-site scripting (XSS) vulnerability in the Frontend Taglib module in Liferay Portal 7.4.0 and 7.4.1 allows remote malicious users to inject arbitrary web script or HTML into the management toolbar search via the `keywords` parameter. This issue is caused by an incomplete fix...
Liferay Liferay Portal 7.4.0
Liferay Liferay Portal 7.4.1
383
VMScore
CVE-2021-35463
Cross-site scripting (XSS) vulnerability in the Frontend Taglib module in Liferay Portal 7.4.0 allows remote malicious users to inject arbitrary web script or HTML into the management toolbar search via the `keywords` parameter.
Liferay Liferay Portal 7.4.0
668
VMScore
CVE-2021-33592
NAVER Toolbar prior to 4.0.30.323 allows remote malicious users to execute arbitrary code via a crafted upgrade.xml file. Special characters in filename parameter can be the cause of bypassing code signing check function.
Naver Toolbar
668
VMScore
CVE-2021-30459
A SQL Injection issue in the SQL Panel in Jazzband Django Debug Toolbar prior to 1.11.1, 2.x prior to 2.2.1, and 3.x prior to 3.2.1 allows malicious users to execute SQL statements by changing the raw_sql input field of the SQL explain, analyze, or select form.
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »