Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-27889 | 1 Lqd | 1 Liquid Speech Balloon | 2025-01-27 | N/A | 8.8 HIGH |
|
Cross-site request forgery (CSRF) vulnerability in LIQUID SPEECH BALLOON versions prior to 1.2 allows a remote unauthenticated attacker to hijack the authentication of a user and to perform unintended operations by having a user view a malicious page.
|
|||||
| CVE-2019-17070 | 2 Lqd, Microsoft | 2 Liquid Speech Balloon, Internet Explorer | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
|
The liquid-speech-balloon (aka LIQUID SPEECH BALLOON) plugin before 1.0.7 for WordPress allows XSS with Internet Explorer.
|
|||||