Mend.io Vulnerability Database
The largest open source vulnerability database
What is a Vulnerability ID?
New vulnerability? Tell us about it!
WS-2020-0093
Published:May 19, 2026
Updated:May 20, 2026
lazysizes before 5.2.1-rc1 are vulnerable to Cross-Site Scripting. The video-embed plugin fails to sanitize the following attributes: data-vimeo, data-vimeoparams, data-youtube and data-ytparams. This allows attackers to execute arbitrary JavaScript in a victim's browser if the attacker has control over the vulnerable attributes.
Affected Packages
lazysizes (CDN_JS):
Affected version(s) >=0.4.0 <5.2.1
Fix Suggestion:
Update to version 5.2.1
lazysizes (NPM):
Affected version(s) >=0.4.0 <5.2.1
Fix Suggestion:
Update to version 5.2.1
littlenorth.igloo (NUGET):
Affected version(s) >=5.0.0-beta001 <5.0.4-rc.1
Fix Suggestion:
Update to version 5.0.4-rc.1
our.umbraco.slimsy (NUGET):
Affected version(s) >=2.0.0-beta1 <2.0.0-beta4
Fix Suggestion:
Update to version 2.0.0-beta4
our.umbraco.slimsy (NUGET):
Affected version(s) =3.0.0-beta3 <3.0.0-beta4
Fix Suggestion:
Update to version 3.0.0-beta4
woody-wordpress/woody-theme (PHP):
Affected version(s) >=dev-fix/setLangOnRestApi <dev-fix/teaserTitle
Fix Suggestion:
Update to version dev-fix/teaserTitle
dnadesign/silverstripe-lazyloaded-image (PHP):
Affected version(s) =0.2.x-dev <0.3.0
Fix Suggestion:
Update to version 0.3.0
woody-wordpress/woody-theme (PHP):
Affected version(s) =dev-bugfix/section_banner <dev-bugfix/sessionExpiration
Fix Suggestion:
Update to version dev-bugfix/sessionExpiration
bpocallaghan/titan (PHP):
Affected version(s) =1.2.0 <1.2.1
Fix Suggestion:
Update to version 1.2.1
woody-wordpress/woody-theme (PHP):
Affected version(s) >=dev-feature/add-sheet-aspect-on-search <dev-feature/addBadgeForNewWoodyTpls
Fix Suggestion:
Update to version dev-feature/addBadgeForNewWoodyTpls
davyin/dyniva_ui (PHP):
Affected version(s) >=0.x-dev <dev-1.x-dev-lzy
Fix Suggestion:
Update to version dev-1.x-dev-lzy
bpocallaghan/titan (PHP):
Affected version(s) >=dev-dependabot/npm_and_yarn/resources/assets_setup/url-parse-1.5.1 <dev-dependabot/npm_and_yarn/resources/assets_setup/url-parse-1.5.7
Fix Suggestion:
Update to version dev-dependabot/npm_and_yarn/resources/assets_setup/url-parse-1.5.7
woody-wordpress/woody-theme (PHP):
Affected version(s) >=dev-feature/tmapsLibrary <dev-feature/topicsEnhanced
Fix Suggestion:
Update to version dev-feature/topicsEnhanced
woody-wordpress/woody-theme (PHP):
Affected version(s) =dev-feature/orderByTitleASCFilter <dev-feature/pageTeaserBgMoreData
Fix Suggestion:
Update to version dev-feature/pageTeaserBgMoreData
davyin/dyniva_ui (PHP):
Affected version(s) =3.x-dev <dev-3.x-esbuild
Fix Suggestion:
Update to version dev-3.x-esbuild
woody-wordpress/woody-theme (PHP):
Affected version(s) =dev-feature/bookblock <dev-feature/bookblock-texts
Fix Suggestion:
Update to version dev-feature/bookblock-texts
woody-wordpress/woody-theme (PHP):
Affected version(s) =dev-feature/addMenusBloc <dev-feature/addMoreContextTools
Fix Suggestion:
Update to version dev-feature/addMoreContextTools
woody-wordpress/woody-theme (PHP):
Affected version(s) =dev-feature/countdownBloc <dev-feature/createdPostsDate
Fix Suggestion:
Update to version dev-feature/createdPostsDate
bpocallaghan/laravel-admin-starter (PHP):
Affected version(s) >=dev-dependabot/npm_and_yarn/dns-packet-1.3.4 <dev-dependabot/npm_and_yarn/loader-utils-1.4.2
Fix Suggestion:
Update to version dev-dependabot/npm_and_yarn/loader-utils-1.4.2
pressgang-wp/pressgang (PHP):
Affected version(s) =dev-structure <dev-test
Fix Suggestion:
Update to version dev-test
bpocallaghan/titan (PHP):
Affected version(s) >=1.2.2 <1.2.7
Fix Suggestion:
Update to version 1.2.7
woody-wordpress/woody-theme (PHP):
Affected version(s) =dev-feature/clearCacheUnpublishPost <dev-feature/convertShortcodeToBlocs
Fix Suggestion:
Update to version dev-feature/convertShortcodeToBlocs
woody-wordpress/woody-theme (PHP):
Affected version(s) >=dev-feature/highlightsCustomContent <dev-feature/humanizeSheetTitleBreadcrumb
Fix Suggestion:
Update to version dev-feature/humanizeSheetTitleBreadcrumb
woody-wordpress/woody-theme (PHP):
Affected version(s) >=dev-feature/tradBoutonTelecharger <dev-feature/traduction
Fix Suggestion:
Update to version dev-feature/traduction
woody-wordpress/woody-theme (PHP):
Affected version(s) =dev-feature/customHomeUrlMobile <dev-feature/default-tm-conf
Fix Suggestion:
Update to version dev-feature/default-tm-conf
woody-wordpress/woody-theme (PHP):
Affected version(s) =dev-feature/termCache <dev-feature/theRoadBook
Fix Suggestion:
Update to version dev-feature/theRoadBook
woody-wordpress/woody-theme (PHP):
Affected version(s) >=dev-feature/manualFocusData <dev-feature/mapsKeys
Fix Suggestion:
Update to version dev-feature/mapsKeys
pressgang-wp/pressgang (PHP):
Affected version(s) =dev-dependabot/npm_and_yarn/path-parse-1.0.7 <dev-dependabot/npm_and_yarn/bl-1.2.3
Fix Suggestion:
Update to version dev-dependabot/npm_and_yarn/bl-1.2.3
woody-wordpress/woody-theme (PHP):
Affected version(s) =dev-feature/EskaladProxy <dev-feature/GeoJSONMea
Fix Suggestion:
Update to version dev-feature/GeoJSONMea
woody-wordpress/woody-theme (PHP):
Affected version(s) >=dev-feature/updateEPagePreviewApi <dev-feature/updatePrintCss
Fix Suggestion:
Update to version dev-feature/updatePrintCss
woody-wordpress/woody-theme (PHP):
Affected version(s) =dev-feature/addNewFilterTeaserDesc <dev-feature/addNewRuleRobotsTxt
Fix Suggestion:
Update to version dev-feature/addNewRuleRobotsTxt
woody-wordpress/woody-theme (PHP):
Affected version(s) =dev-master_legacy <dev-mirrorPageBreadcrumb
Fix Suggestion:
Update to version dev-mirrorPageBreadcrumb
woody-wordpress/woody-theme (PHP):
Affected version(s) =dev-feature/YarnDownload <dev-feature/add-alignement-choice-tabs-block
Fix Suggestion:
Update to version dev-feature/add-alignement-choice-tabs-block
bpocallaghan/titan (PHP):
Affected version(s) =dev-dependabot/npm_and_yarn/resources/assets_setup/dot-prop-4.2.1 <dev-dependabot/npm_and_yarn/resources/assets_setup/tar-4.4.19
Fix Suggestion:
Update to version dev-dependabot/npm_and_yarn/resources/assets_setup/tar-4.4.19
bpocallaghan/laravel-admin-starter (PHP):
Affected version(s) >=dev-dependabot/npm_and_yarn/multi-9f37c16f8f <0.0.1
Fix Suggestion:
Update to version 0.0.1
bpocallaghan/laravel-admin-starter (PHP):
Affected version(s) =dev-version_1 <1.0.1
Fix Suggestion:
Update to version 1.0.1
woody-wordpress/woody-theme (PHP):
Affected version(s) >=dev-feature/enqueueLibraryMomentTz <dev-feature/faq-to-groups
Fix Suggestion:
Update to version dev-feature/faq-to-groups
woody-wordpress/woody-theme (PHP):
Affected version(s) >=dev-feature/StringTranslation <dev-feature/TplPopin
Fix Suggestion:
Update to version dev-feature/TplPopin
derhaeuptling/contao-lazy-images (PHP):
Affected version(s) >=2.0.0 <3.0.4
Fix Suggestion:
Update to version 3.0.4
woody-wordpress/woody-theme (PHP):
Affected version(s) =dev-feature/addBlockTitlesToTabs <dev-feature/addCookieIconForCookiesBannerResponsive
Fix Suggestion:
Update to version dev-feature/addCookieIconForCookiesBannerResponsive
bpocallaghan/titan (PHP):
Affected version(s) >=1.0.0 <1.0.2
Fix Suggestion:
Update to version 1.0.2
voidagency/vactory-project (PHP):
Affected version(s) >=dev-master <1.1.0
Fix Suggestion:
Update to version 1.1.0
tollwerk/tw-base (PHP):
Affected version(s) >=v3.1.0 <dev-typo3-9
Fix Suggestion:
Update to version dev-typo3-9
bpocallaghan/titan (PHP):
Affected version(s) >=dev-dependabot/npm_and_yarn/resources/assets_setup/postcss-and-laravel-mix-8.4.19 <=dev-dependabot/npm_and_yarn/resources/assets_setup/y18n-4.0.1
Fix Suggestion:
Update to version no_fix
madhouse/craft-starter (PHP):
Affected version(s) >=1.0.5 <1.0.10
Fix Suggestion:
Update to version 1.0.10
hadwao/image-inliner (PHP):
Affected version(s) >=dev-master <=dev-tests
Fix Suggestion:
Update to version no_fix
woody-wordpress/woody-theme (PHP):
Affected version(s) =dev-feature/respCustomAcfmargins <dev-feature/responsiveOptions
Fix Suggestion:
Update to version dev-feature/responsiveOptions
woody-wordpress/woody-theme (PHP):
Affected version(s) =dev-develop_legacy <dev-displayParentTagName
Fix Suggestion:
Update to version dev-displayParentTagName
woody-wordpress/woody-theme (PHP):
Affected version(s) =dev-feature/CheckSeoField <dev-feature/CleanupRewriteRules
Fix Suggestion:
Update to version dev-feature/CleanupRewriteRules
woody-wordpress/woody-theme (PHP):
Affected version(s) >=dev-feature/upgradeSwiperVersion <dev-feature/woody-animations
Fix Suggestion:
Update to version dev-feature/woody-animations
bpocallaghan/laravel-admin-starter (PHP):
Affected version(s) =dev-dependabot/npm_and_yarn/webpack-dev-middleware-5.3.4 <dev-Laravel_5.4
Fix Suggestion:
Update to version dev-Laravel_5.4
etdsolutions/lazysizes (PHP):
Affected version(s) >=dev-master <=2.0.7
Fix Suggestion:
Update to version no_fix
woody-wordpress/woody-theme (PHP):
Affected version(s) >=dev-feature/addNoPaddingOptionOnTabs <dev-feature/addPinnableContent
Fix Suggestion:
Update to version dev-feature/addPinnableContent
woody-wordpress/woody-theme (PHP):
Affected version(s) >=dev-feature/addpicto <dev-feature/allow-opacity-bg-params
Fix Suggestion:
Update to version dev-feature/allow-opacity-bg-params
woody-wordpress/woody-theme (PHP):
Affected version(s) >=dev-feature/analyticsBtnBlock <dev-feature/bloc-titles
Fix Suggestion:
Update to version dev-feature/bloc-titles
brunocfalcao/laraflash-website (PHP):
Affected version(s) >=dev-master <=v1.1.8
Fix Suggestion:
Update to version no_fix
bpocallaghan/laravel-admin-starter (PHP):
Affected version(s) >=dev-dependabot/npm_and_yarn/follow-redirects-1.15.4 <v2.x-dev
Fix Suggestion:
Update to version v2.x-dev
tollwerk/tw-base (PHP):
Affected version(s) >=v4.0.0 <v4.7.0
Fix Suggestion:
Update to version v4.7.0
woody-wordpress/woody-theme (PHP):
Affected version(s) =dev-feat/CheckBaliseH1 <1.1.0
Fix Suggestion:
Update to version 1.1.0
bpocallaghan/titan (PHP):
Affected version(s) =1.0.3 <1.0.4
Fix Suggestion:
Update to version 1.0.4
woody-wordpress/woody-theme (PHP):
Affected version(s) >=dev-feature/newFuncHelperProcessSection <dev-feature/newSheetUpdate
Fix Suggestion:
Update to version dev-feature/newSheetUpdate
derhaeuptling/contao-lazy-images (PHP):
Affected version(s) =3.0.8
Fix Suggestion:
Update to version no_fix
woody-wordpress/woody-theme (PHP):
Affected version(s) =dev-feature/singleProductTemplate <dev-feature/sitemap-inc
Fix Suggestion:
Update to version dev-feature/sitemap-inc
woody-wordpress/woody-theme (PHP):
Affected version(s) >=dev-misc/addBookingTabs <dev-newHawwwaiSheet
Fix Suggestion:
Update to version dev-newHawwwaiSheet
woody-wordpress/woody-theme (PHP):
Affected version(s) =dev-feature/preventTplChoiceWithoutThumbnail <dev-feature/profileCustomPostType
Fix Suggestion:
Update to version dev-feature/profileCustomPostType
bpocallaghan/titan (PHP):
Affected version(s) >=1.0.11 <dev-dependabot/npm_and_yarn/resources/assets_setup/eventsource-1.1.1
Fix Suggestion:
Update to version dev-dependabot/npm_and_yarn/resources/assets_setup/eventsource-1.1.1
woody-wordpress/woody-theme (PHP):
Affected version(s) =dev-feature/improveRGAA <dev-feature/improveResponsiveOrderWording
Fix Suggestion:
Update to version dev-feature/improveResponsiveOrderWording
bpocallaghan/laravel-admin-starter (PHP):
Affected version(s) >=dev-dependabot/npm_and_yarn/babel/traverse-7.23.6 <=dev-dependabot/npm_and_yarn/y18n-4.0.1
Fix Suggestion:
Update to version no_fix
woody-wordpress/woody-theme (PHP):
Affected version(s) =dev-feature/LoaderJS <dev-feature/MetaLangUsage
Fix Suggestion:
Update to version dev-feature/MetaLangUsage
woody-wordpress/woody-theme (PHP):
Affected version(s) >=dev-bugfix/add-img-on-list_content <dev-bugfix/createdFrom-function
Fix Suggestion:
Update to version dev-bugfix/createdFrom-function
woody-wordpress/woody-theme (PHP):
Affected version(s) =dev-feature/translateDocButtonLabel <dev-feature/translateNL_BE
Fix Suggestion:
Update to version dev-feature/translateNL_BE
chibko/contao-bootstrap (PHP):
Affected version(s) >=dev-master <=4.4.x-dev
Fix Suggestion:
Update to version no_fix
woody-wordpress/woody-theme (PHP):
Affected version(s) >=dev-feature/addDescriptionAttachmentPreview <dev-feature/addFilterLazyImgLandswprSlide
Fix Suggestion:
Update to version dev-feature/addFilterLazyImgLandswprSlide
bpocallaghan/laravel-admin-starter (PHP):
Affected version(s) >=dev-dependabot/npm_and_yarn/url-parse-1.5.1 <dev-dependabot/npm_and_yarn/url-parse-1.5.7
Fix Suggestion:
Update to version dev-dependabot/npm_and_yarn/url-parse-1.5.7
dnadesign/silverstripe-lazyloaded-image (PHP):
Affected version(s) =dev-master <0.1.0
Fix Suggestion:
Update to version 0.1.0
bpocallaghan/titan (PHP):
Affected version(s) >=dev-dependabot/npm_and_yarn/resources/assets_setup/ansi-html-and-webpack-dev-server--removed <dev-utils
Fix Suggestion:
Update to version dev-utils
woody-wordpress/woody-theme (PHP):
Affected version(s) =dev-feature/roleMediatheque <dev-feature/rollBackPostCreatedBehaviour
Fix Suggestion:
Update to version dev-feature/rollBackPostCreatedBehaviour
woody-wordpress/woody-theme (PHP):
Affected version(s) =dev-feature/messagesLumiplan <dev-feature/mixtGallery
Fix Suggestion:
Update to version dev-feature/mixtGallery
woody-wordpress/woody-theme (PHP):
Affected version(s) >=dev-fix/fixTailleIconsTiktok <dev-fix/landing-swipers-button
Fix Suggestion:
Update to version dev-fix/landing-swipers-button
bpocallaghan/titan (PHP):
Affected version(s) >=1.0.5 <1.0.9
Fix Suggestion:
Update to version 1.0.9
woody-wordpress/woody-theme (PHP):
Affected version(s) >=dev-feat/AddDataLayer <dev-feature/AddonCookies
Fix Suggestion:
Update to version dev-feature/AddonCookies
derhaeuptling/contao-lazy-images (PHP):
Affected version(s) >=3.0.5 <3.0.7
Fix Suggestion:
Update to version 3.0.7
bpocallaghan/titan (PHP):
Affected version(s) =dev-dependabot/npm_and_yarn/resources/assets_setup/nth-check-and-laravel-mix-2.1.1 <dev-dependabot/npm_and_yarn/resources/assets_setup/minimatch-3.1.2
Fix Suggestion:
Update to version dev-dependabot/npm_and_yarn/resources/assets_setup/minimatch-3.1.2
woody-wordpress/woody-theme (PHP):
Affected version(s) =dev-feature/woody_hawwwai_newitem <dev-feature/woodyseo_canonical_url
Fix Suggestion:
Update to version dev-feature/woodyseo_canonical_url
woody-wordpress/woody-theme (PHP):
Affected version(s) >=dev-feature/importDrilldown <dev-feature/improveAccessibility
Fix Suggestion:
Update to version dev-feature/improveAccessibility
woody-wordpress/woody-theme (PHP):
Affected version(s) =dev-feature/TmapsV2 <dev-feature/TouristicMapV2
Fix Suggestion:
Update to version dev-feature/TouristicMapV2
woody-wordpress/woody-theme (PHP):
Affected version(s) >=dev-addContributorinTeaser <dev-addHeroTitlesToPrintVersion
Fix Suggestion:
Update to version dev-addHeroTitlesToPrintVersion
pi/pi (PHP):
Affected version(s) >=v2.6.0-beta1 <v2.8.0
Fix Suggestion:
Update to version v2.8.0
pressgang-wp/pressgang (PHP):
Affected version(s) >=dev-dependabot/npm_and_yarn/handlebars-4.7.7 <=dev-dependabot/npm_and_yarn/y18n-4.0.1
Fix Suggestion:
Update to version no_fix
woody-wordpress/woody-theme (PHP):
Affected version(s) >=dev-legacy/develop <dev-loadBlocksCloneLatre
Fix Suggestion:
Update to version dev-loadBlocksCloneLatre
woody-wordpress/woody-theme (PHP):
Affected version(s) >=dev-bugfix/detailsFieldSejourPage <dev-bugfix/mirrorPagePreview
Fix Suggestion:
Update to version dev-bugfix/mirrorPagePreview
woody-wordpress/woody-theme (PHP):
Affected version(s) >=dev-fix/cropRatioSITMEA <dev-fix/cta-and-text-padding
Fix Suggestion:
Update to version dev-fix/cta-and-text-padding
woody-wordpress/woody-theme (PHP):
Affected version(s) >=dev-feature/mobileLayoutFocusCatalogChild <dev-feature/moreTouristInformations
Fix Suggestion:
Update to version dev-feature/moreTouristInformations
pressgang-wp/pressgang (PHP):
Affected version(s) =dev-dependabot/npm_and_yarn/ini-1.3.7 <dev-timber-v2
Fix Suggestion:
Update to version dev-timber-v2
woody-wordpress/woody-theme (PHP):
Affected version(s) >=dev-addIconInfoRoute <dev-addLinkedInShare
Fix Suggestion:
Update to version dev-addLinkedInShare
woody-wordpress/woody-theme (PHP):
Affected version(s) >=dev-feature/flushOnSaveMenusOld <dev-feature/getPagePreviewJs
Fix Suggestion:
Update to version dev-feature/getPagePreviewJs
bpocallaghan/laravel-admin-starter (PHP):
Affected version(s) =dev-dependabot/npm_and_yarn/path-parse-1.0.7 <dev-dependabot/npm_and_yarn/eventsource-1.1.1
Fix Suggestion:
Update to version dev-dependabot/npm_and_yarn/eventsource-1.1.1
pi/pi (PHP):
Affected version(s) >=dev-laminas <v2.5.0-alpha1
Fix Suggestion:
Update to version v2.5.0-alpha1
simplon/component_mvc (PHP):
Affected version(s) =dev-master <0.0.1
Fix Suggestion:
Update to version 0.0.1
webgene/webgene-project (PHP):
Affected version(s) =dev-master
Fix Suggestion:
Update to version no_fix
woody-wordpress/woody-theme (PHP):
Affected version(s) =dev-feature/favOnMEA <dev-feature/feature/primaryBtnVar
Fix Suggestion:
Update to version dev-feature/feature/primaryBtnVar
pressgang-wp/pressgang (PHP):
Affected version(s) =dev-dependabot/npm_and_yarn/grunt-1.3.0 <dev-dependabot/npm_and_yarn/mixin-deep-1.3.2
Fix Suggestion:
Update to version dev-dependabot/npm_and_yarn/mixin-deep-1.3.2
bpocallaghan/laravel-admin-starter (PHP):
Affected version(s) >=dev-dependabot/npm_and_yarn/browserslist-4.16.6 <dev-Laravel_5.2
Fix Suggestion:
Update to version dev-Laravel_5.2
woody-wordpress/woody-theme (PHP):
Affected version(s) =dev-feature/NewSw <dev-feature/RedirectPermalink
Fix Suggestion:
Update to version dev-feature/RedirectPermalink
woody-wordpress/woody-theme (PHP):
Affected version(s) =dev-feature/sectionBookblockLayout <dev-feature/sectionClasses
Fix Suggestion:
Update to version dev-feature/sectionClasses
bpocallaghan/titan (PHP):
Affected version(s) =dev-dependabot/npm_and_yarn/resources/assets_setup/color-string-1.6.0 <dev-dependabot/npm_and_yarn/resources/assets_setup/follow-redirects-1.14.7
Fix Suggestion:
Update to version dev-dependabot/npm_and_yarn/resources/assets_setup/follow-redirects-1.14.7
davyin/dyniva_ui (PHP):
Affected version(s) =2.x-dev <2.1.x-dev
Fix Suggestion:
Update to version 2.1.x-dev
woody-wordpress/woody-theme (PHP):
Affected version(s) =dev-gulp_migrate <dev-hideDraftPostsInMenu
Fix Suggestion:
Update to version dev-hideDraftPostsInMenu
woody-wordpress/woody-theme (PHP):
Affected version(s) =dev-feature/addStationPicto <dev-feature/addTablePluginTinyMCE
Fix Suggestion:
Update to version dev-feature/addTablePluginTinyMCE
pressgang-wp/pressgang (PHP):
Affected version(s) =dev-dependabot/npm_and_yarn/websocket-extensions-0.1.4 <v1.x-dev
Fix Suggestion:
Update to version v1.x-dev
woody-wordpress/woody-theme (PHP):
Affected version(s) =dev-revert-390-feature/respCustomAcfmargins <dev-show-sharing-links-on-click
Fix Suggestion:
Update to version dev-show-sharing-links-on-click
x-cart-proj/x-cart-proj (PHP):
Affected version(s) =dev-main
Fix Suggestion:
Update to version no_fix
woody-wordpress/woody-theme (PHP):
Affected version(s) =dev-fix/addTabsBloc <dev-fix/auto-focus-menu-order
Fix Suggestion:
Update to version dev-fix/auto-focus-menu-order
visol/viresponsiveimages (PHP):
Affected version(s) >=dev-master <0.9.14
Fix Suggestion:
Update to version 0.9.14
derhaeuptling/contao-lazy-images (PHP):
Affected version(s) >=dev-dev <1.0.3
Fix Suggestion:
Update to version 1.0.3
madhouse/craft-starter (PHP):
Affected version(s) >=1.0.1 <1.0.3
Fix Suggestion:
Update to version 1.0.3
bpocallaghan/laravel-admin-starter (PHP):
Affected version(s) =dev-dependabot/npm_and_yarn/color-string-1.6.0 <dev-dependabot/npm_and_yarn/follow-redirects-1.14.7
Fix Suggestion:
Update to version dev-dependabot/npm_and_yarn/follow-redirects-1.14.7
dawehner/lazysizes (PHP):
Affected version(s) =dev-master
Fix Suggestion:
Update to version no_fix
madhouse/craft-starter (PHP):
Affected version(s) =1.0.0 <dev-andrewmenich-patch-1
Fix Suggestion:
Update to version dev-andrewmenich-patch-1
woody-wordpress/woody-theme (PHP):
Affected version(s) =dev-feature/addResponsiveDisplayOptionMapLayout <dev-feature/addResponsiveOptions
Fix Suggestion:
Update to version dev-feature/addResponsiveOptions
woody-wordpress/woody-theme (PHP):
Affected version(s) =dev-feature/disableLazyfirstSlideOnly <dev-feature/displayAnchorIndexInSummary
Fix Suggestion:
Update to version dev-feature/displayAnchorIndexInSummary
simplon/component_mvc (PHP):
Affected version(s) =0.0.2
Fix Suggestion:
Update to version no_fix
woody-wordpress/woody-theme (PHP):
Affected version(s) >=dev-feature/addIframeResizer <dev-feature/addLabelPublicationDate
Fix Suggestion:
Update to version dev-feature/addLabelPublicationDate
woody-wordpress/woody-theme (PHP):
Affected version(s) >=dev-feature/addWrapButtonsAcf <dev-feature/addon-thumbnails
Fix Suggestion:
Update to version dev-feature/addon-thumbnails
woody-wordpress/woody-theme (PHP):
Affected version(s) =dev-feature/protectedPageErrorMessage <dev-feature/pwaHowTo
Fix Suggestion:
Update to version dev-feature/pwaHowTo
woody-wordpress/woody-theme (PHP):
Affected version(s) =dev-addWeatherImg <dev-addWiconClassToPageTerms
Fix Suggestion:
Update to version dev-addWiconClassToPageTerms
pressgang-wp/pressgang (PHP):
Affected version(s) =dev-blurUpFixes <dev-master
Fix Suggestion:
Update to version dev-master
bpocallaghan/titan (PHP):
Affected version(s) >=dev-dependabot/npm_and_yarn/resources/assets_setup/browserslist-4.16.6 <dev-L5.2
Fix Suggestion:
Update to version dev-L5.2
woody-wordpress/woody-theme (PHP):
Affected version(s) =dev-bugfix/sheetPreviewStartYear <dev-bugfix/unpublish
Fix Suggestion:
Update to version dev-bugfix/unpublish
tollwerk/tw-base (PHP):
Affected version(s) >=dev-develop <v1.0.0
Fix Suggestion:
Update to version v1.0.0
Do you need more information?
Contact Us
CVSS v4
Base Score:
8.3
Attack Vector
NETWORK
Attack Complexity
LOW
Attack Requirements
NONE
Privileges Required
NONE
User Interaction
PASSIVE
Vulnerable System Confidentiality
HIGH
Vulnerable System Integrity
NONE
Vulnerable System Availability
NONE
Subsequent System Confidentiality
HIGH
Subsequent System Integrity
NONE
Subsequent System Availability
NONE
CVSS v3
Base Score:
7.4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality
HIGH
Integrity
NONE
Availability
NONE