Vulnerability DatabaseWS-2020-0093
Mend.io Vulnerability Database
The largest open source vulnerability database
What is a Vulnerability ID?
New vulnerability? Tell us about it!
WS-2020-0093
Published:May 19, 2026
Updated:May 20, 2026
lazysizes before 5.2.1-rc1 are vulnerable to Cross-Site Scripting. The video-embed plugin fails to sanitize the following attributes: data-vimeo, data-vimeoparams, data-youtube and data-ytparams. This allows attackers to execute arbitrary JavaScript in a victim's browser if the attacker has control over the vulnerable attributes.
Affected Packages
lazysizes (CDN_JS):
Affected version(s) >=0.4.0 <5.2.1
Fix Suggestion:
Update to version 5.2.1
lazysizes (NPM):
Affected version(s) >=0.4.0 <5.2.1
Fix Suggestion:
Update to version 5.2.1
littlenorth.igloo (NUGET):
Affected version(s) >=5.0.0-beta001 <5.0.4-rc.1
Fix Suggestion:
Update to version 5.0.4-rc.1
our.umbraco.slimsy (NUGET):
Affected version(s) >=2.0.0-beta1 <2.0.0-beta4
Fix Suggestion:
Update to version 2.0.0-beta4
our.umbraco.slimsy (NUGET):
Affected version(s) =3.0.0-beta3 <3.0.0-beta4
Fix Suggestion:
Update to version 3.0.0-beta4
woody-wordpress/woody-theme (PHP):
Affected version(s) =dev-feature/sectionBookblockLayout <dev-feature/sectionClasses
Fix Suggestion:
Update to version dev-feature/sectionClasses
bpocallaghan/laravel-admin-starter (PHP):
Affected version(s) >=dev-dependabot/npm_and_yarn/babel/traverse-7.23.6 <=dev-dependabot/npm_and_yarn/y18n-4.0.1
Fix Suggestion:
Update to version no_fix
woody-wordpress/woody-theme (PHP):
Affected version(s) =dev-feature/protectedPageErrorMessage <dev-feature/pwaHowTo
Fix Suggestion:
Update to version dev-feature/pwaHowTo
woody-wordpress/woody-theme (PHP):
Affected version(s) =dev-feature/clearCacheUnpublishPost <dev-feature/convertShortcodeToBlocs
Fix Suggestion:
Update to version dev-feature/convertShortcodeToBlocs
woody-wordpress/woody-theme (PHP):
Affected version(s) >=dev-feature/mobileLayoutFocusCatalogChild <dev-feature/moreTouristInformations
Fix Suggestion:
Update to version dev-feature/moreTouristInformations
woody-wordpress/woody-theme (PHP):
Affected version(s) =dev-feature/addResponsiveDisplayOptionMapLayout <dev-feature/addResponsiveOptions
Fix Suggestion:
Update to version dev-feature/addResponsiveOptions
woody-wordpress/woody-theme (PHP):
Affected version(s) >=dev-addContributorinTeaser <dev-addHeroTitlesToPrintVersion
Fix Suggestion:
Update to version dev-addHeroTitlesToPrintVersion
bpocallaghan/titan (PHP):
Affected version(s) >=dev-dependabot/npm_and_yarn/resources/assets_setup/browserslist-4.16.6 <dev-L5.2
Fix Suggestion:
Update to version dev-L5.2
simplon/component_mvc (PHP):
Affected version(s) =dev-master <0.0.1
Fix Suggestion:
Update to version 0.0.1
derhaeuptling/contao-lazy-images (PHP):
Affected version(s) >=3.0.5 <3.0.7
Fix Suggestion:
Update to version 3.0.7
bpocallaghan/laravel-admin-starter (PHP):
Affected version(s) >=dev-dependabot/npm_and_yarn/dns-packet-1.3.4 <dev-dependabot/npm_and_yarn/loader-utils-1.4.2
Fix Suggestion:
Update to version dev-dependabot/npm_and_yarn/loader-utils-1.4.2
pi/pi (PHP):
Affected version(s) >=v2.6.0-beta1 <v2.8.0
Fix Suggestion:
Update to version v2.8.0
bpocallaghan/titan (PHP):
Affected version(s) >=dev-dependabot/npm_and_yarn/resources/assets_setup/ansi-html-and-webpack-dev-server--removed <dev-utils
Fix Suggestion:
Update to version dev-utils
davyin/dyniva_ui (PHP):
Affected version(s) =3.x-dev <dev-3.x-esbuild
Fix Suggestion:
Update to version dev-3.x-esbuild
pi/pi (PHP):
Affected version(s) >=dev-laminas <v2.5.0-alpha1
Fix Suggestion:
Update to version v2.5.0-alpha1
dawehner/lazysizes (PHP):
Affected version(s) =dev-master
Fix Suggestion:
Update to version no_fix
woody-wordpress/woody-theme (PHP):
Affected version(s) >=dev-feature/updateEPagePreviewApi <dev-feature/updatePrintCss
Fix Suggestion:
Update to version dev-feature/updatePrintCss
bpocallaghan/laravel-admin-starter (PHP):
Affected version(s) =dev-dependabot/npm_and_yarn/webpack-dev-middleware-5.3.4 <dev-Laravel_5.4
Fix Suggestion:
Update to version dev-Laravel_5.4
bpocallaghan/titan (PHP):
Affected version(s) >=dev-dependabot/npm_and_yarn/resources/assets_setup/postcss-and-laravel-mix-8.4.19 <=dev-dependabot/npm_and_yarn/resources/assets_setup/y18n-4.0.1
Fix Suggestion:
Update to version no_fix
woody-wordpress/woody-theme (PHP):
Affected version(s) =dev-feature/LoaderJS <dev-feature/MetaLangUsage
Fix Suggestion:
Update to version dev-feature/MetaLangUsage
woody-wordpress/woody-theme (PHP):
Affected version(s) =dev-feature/addBlockTitlesToTabs <dev-feature/addCookieIconForCookiesBannerResponsive
Fix Suggestion:
Update to version dev-feature/addCookieIconForCookiesBannerResponsive
woody-wordpress/woody-theme (PHP):
Affected version(s) >=dev-feature/addpicto <dev-feature/allow-opacity-bg-params
Fix Suggestion:
Update to version dev-feature/allow-opacity-bg-params
woody-wordpress/woody-theme (PHP):
Affected version(s) =dev-feature/preventTplChoiceWithoutThumbnail <dev-feature/profileCustomPostType
Fix Suggestion:
Update to version dev-feature/profileCustomPostType
bpocallaghan/titan (PHP):
Affected version(s) >=1.0.5 <1.0.9
Fix Suggestion:
Update to version 1.0.9
bpocallaghan/titan (PHP):
Affected version(s) >=1.0.11 <dev-dependabot/npm_and_yarn/resources/assets_setup/eventsource-1.1.1
Fix Suggestion:
Update to version dev-dependabot/npm_and_yarn/resources/assets_setup/eventsource-1.1.1
visol/viresponsiveimages (PHP):
Affected version(s) >=dev-master <0.9.14
Fix Suggestion:
Update to version 0.9.14
woody-wordpress/woody-theme (PHP):
Affected version(s) >=dev-feature/addIframeResizer <dev-feature/addLabelPublicationDate
Fix Suggestion:
Update to version dev-feature/addLabelPublicationDate
woody-wordpress/woody-theme (PHP):
Affected version(s) >=dev-legacy/develop <dev-loadBlocksCloneLatre
Fix Suggestion:
Update to version dev-loadBlocksCloneLatre
woody-wordpress/woody-theme (PHP):
Affected version(s) =dev-feature/TmapsV2 <dev-feature/TouristicMapV2
Fix Suggestion:
Update to version dev-feature/TouristicMapV2
woody-wordpress/woody-theme (PHP):
Affected version(s) =dev-feature/countdownBloc <dev-feature/createdPostsDate
Fix Suggestion:
Update to version dev-feature/createdPostsDate
pressgang-wp/pressgang (PHP):
Affected version(s) >=dev-dependabot/npm_and_yarn/handlebars-4.7.7 <=dev-dependabot/npm_and_yarn/y18n-4.0.1
Fix Suggestion:
Update to version no_fix
woody-wordpress/woody-theme (PHP):
Affected version(s) =dev-feature/roleMediatheque <dev-feature/rollBackPostCreatedBehaviour
Fix Suggestion:
Update to version dev-feature/rollBackPostCreatedBehaviour
derhaeuptling/contao-lazy-images (PHP):
Affected version(s) >=2.0.0 <3.0.4
Fix Suggestion:
Update to version 3.0.4
woody-wordpress/woody-theme (PHP):
Affected version(s) =dev-develop_legacy <dev-displayParentTagName
Fix Suggestion:
Update to version dev-displayParentTagName
dnadesign/silverstripe-lazyloaded-image (PHP):
Affected version(s) =0.2.x-dev <0.3.0
Fix Suggestion:
Update to version 0.3.0
woody-wordpress/woody-theme (PHP):
Affected version(s) >=dev-bugfix/detailsFieldSejourPage <dev-bugfix/mirrorPagePreview
Fix Suggestion:
Update to version dev-bugfix/mirrorPagePreview
woody-wordpress/woody-theme (PHP):
Affected version(s) =dev-feature/customHomeUrlMobile <dev-feature/default-tm-conf
Fix Suggestion:
Update to version dev-feature/default-tm-conf
woody-wordpress/woody-theme (PHP):
Affected version(s) =dev-feature/bookblock <dev-feature/bookblock-texts
Fix Suggestion:
Update to version dev-feature/bookblock-texts
woody-wordpress/woody-theme (PHP):
Affected version(s) =dev-revert-390-feature/respCustomAcfmargins <dev-show-sharing-links-on-click
Fix Suggestion:
Update to version dev-show-sharing-links-on-click
bpocallaghan/laravel-admin-starter (PHP):
Affected version(s) >=dev-dependabot/npm_and_yarn/follow-redirects-1.15.4 <v2.x-dev
Fix Suggestion:
Update to version v2.x-dev
simplon/component_mvc (PHP):
Affected version(s) =0.0.2
Fix Suggestion:
Update to version no_fix
bpocallaghan/titan (PHP):
Affected version(s) >=dev-dependabot/npm_and_yarn/resources/assets_setup/url-parse-1.5.1 <dev-dependabot/npm_and_yarn/resources/assets_setup/url-parse-1.5.7
Fix Suggestion:
Update to version dev-dependabot/npm_and_yarn/resources/assets_setup/url-parse-1.5.7
bpocallaghan/titan (PHP):
Affected version(s) =dev-dependabot/npm_and_yarn/resources/assets_setup/dot-prop-4.2.1 <dev-dependabot/npm_and_yarn/resources/assets_setup/tar-4.4.19
Fix Suggestion:
Update to version dev-dependabot/npm_and_yarn/resources/assets_setup/tar-4.4.19
woody-wordpress/woody-theme (PHP):
Affected version(s) >=dev-feature/tradBoutonTelecharger <dev-feature/traduction
Fix Suggestion:
Update to version dev-feature/traduction
bpocallaghan/titan (PHP):
Affected version(s) =dev-dependabot/npm_and_yarn/resources/assets_setup/nth-check-and-laravel-mix-2.1.1 <dev-dependabot/npm_and_yarn/resources/assets_setup/minimatch-3.1.2
Fix Suggestion:
Update to version dev-dependabot/npm_and_yarn/resources/assets_setup/minimatch-3.1.2
woody-wordpress/woody-theme (PHP):
Affected version(s) >=dev-feature/add-sheet-aspect-on-search <dev-feature/addBadgeForNewWoodyTpls
Fix Suggestion:
Update to version dev-feature/addBadgeForNewWoodyTpls
woody-wordpress/woody-theme (PHP):
Affected version(s) =dev-feature/YarnDownload <dev-feature/add-alignement-choice-tabs-block
Fix Suggestion:
Update to version dev-feature/add-alignement-choice-tabs-block
bpocallaghan/laravel-admin-starter (PHP):
Affected version(s) >=dev-dependabot/npm_and_yarn/url-parse-1.5.1 <dev-dependabot/npm_and_yarn/url-parse-1.5.7
Fix Suggestion:
Update to version dev-dependabot/npm_and_yarn/url-parse-1.5.7
bpocallaghan/laravel-admin-starter (PHP):
Affected version(s) =dev-dependabot/npm_and_yarn/path-parse-1.0.7 <dev-dependabot/npm_and_yarn/eventsource-1.1.1
Fix Suggestion:
Update to version dev-dependabot/npm_and_yarn/eventsource-1.1.1
madhouse/craft-starter (PHP):
Affected version(s) >=1.0.1 <1.0.3
Fix Suggestion:
Update to version 1.0.3
woody-wordpress/woody-theme (PHP):
Affected version(s) =dev-feature/translateDocButtonLabel <dev-feature/translateNL_BE
Fix Suggestion:
Update to version dev-feature/translateNL_BE
pressgang-wp/pressgang (PHP):
Affected version(s) =dev-dependabot/npm_and_yarn/grunt-1.3.0 <dev-dependabot/npm_and_yarn/mixin-deep-1.3.2
Fix Suggestion:
Update to version dev-dependabot/npm_and_yarn/mixin-deep-1.3.2
woody-wordpress/woody-theme (PHP):
Affected version(s) >=dev-addIconInfoRoute <dev-addLinkedInShare
Fix Suggestion:
Update to version dev-addLinkedInShare
woody-wordpress/woody-theme (PHP):
Affected version(s) =dev-feature/woody_hawwwai_newitem <dev-feature/woodyseo_canonical_url
Fix Suggestion:
Update to version dev-feature/woodyseo_canonical_url
woody-wordpress/woody-theme (PHP):
Affected version(s) >=dev-feature/addNoPaddingOptionOnTabs <dev-feature/addPinnableContent
Fix Suggestion:
Update to version dev-feature/addPinnableContent
bpocallaghan/titan (PHP):
Affected version(s) =1.0.3 <1.0.4
Fix Suggestion:
Update to version 1.0.4
woody-wordpress/woody-theme (PHP):
Affected version(s) =dev-feature/addNewFilterTeaserDesc <dev-feature/addNewRuleRobotsTxt
Fix Suggestion:
Update to version dev-feature/addNewRuleRobotsTxt
bpocallaghan/laravel-admin-starter (PHP):
Affected version(s) =dev-dependabot/npm_and_yarn/color-string-1.6.0 <dev-dependabot/npm_and_yarn/follow-redirects-1.14.7
Fix Suggestion:
Update to version dev-dependabot/npm_and_yarn/follow-redirects-1.14.7
hadwao/image-inliner (PHP):
Affected version(s) >=dev-master <=dev-tests
Fix Suggestion:
Update to version no_fix
woody-wordpress/woody-theme (PHP):
Affected version(s) >=dev-feature/importDrilldown <dev-feature/improveAccessibility
Fix Suggestion:
Update to version dev-feature/improveAccessibility
bpocallaghan/laravel-admin-starter (PHP):
Affected version(s) =dev-version_1 <1.0.1
Fix Suggestion:
Update to version 1.0.1
derhaeuptling/contao-lazy-images (PHP):
Affected version(s) =3.0.8
Fix Suggestion:
Update to version no_fix
woody-wordpress/woody-theme (PHP):
Affected version(s) =dev-feature/improveRGAA <dev-feature/improveResponsiveOrderWording
Fix Suggestion:
Update to version dev-feature/improveResponsiveOrderWording
woody-wordpress/woody-theme (PHP):
Affected version(s) >=dev-feature/newFuncHelperProcessSection <dev-feature/newSheetUpdate
Fix Suggestion:
Update to version dev-feature/newSheetUpdate
woody-wordpress/woody-theme (PHP):
Affected version(s) =dev-feature/NewSw <dev-feature/RedirectPermalink
Fix Suggestion:
Update to version dev-feature/RedirectPermalink
bpocallaghan/titan (PHP):
Affected version(s) >=1.2.2 <1.2.7
Fix Suggestion:
Update to version 1.2.7
voidagency/vactory-project (PHP):
Affected version(s) >=dev-master <1.1.0
Fix Suggestion:
Update to version 1.1.0
woody-wordpress/woody-theme (PHP):
Affected version(s) >=dev-feature/analyticsBtnBlock <dev-feature/bloc-titles
Fix Suggestion:
Update to version dev-feature/bloc-titles
woody-wordpress/woody-theme (PHP):
Affected version(s) >=dev-feature/manualFocusData <dev-feature/mapsKeys
Fix Suggestion:
Update to version dev-feature/mapsKeys
tollwerk/tw-base (PHP):
Affected version(s) >=v3.1.0 <dev-typo3-9
Fix Suggestion:
Update to version dev-typo3-9
woody-wordpress/woody-theme (PHP):
Affected version(s) >=dev-feat/AddDataLayer <dev-feature/AddonCookies
Fix Suggestion:
Update to version dev-feature/AddonCookies
woody-wordpress/woody-theme (PHP):
Affected version(s) =dev-feature/orderByTitleASCFilter <dev-feature/pageTeaserBgMoreData
Fix Suggestion:
Update to version dev-feature/pageTeaserBgMoreData
tollwerk/tw-base (PHP):
Affected version(s) >=v4.0.0 <v4.7.0
Fix Suggestion:
Update to version v4.7.0
x-cart-proj/x-cart-proj (PHP):
Affected version(s) =dev-main
Fix Suggestion:
Update to version no_fix
woody-wordpress/woody-theme (PHP):
Affected version(s) =dev-fix/addTabsBloc <dev-fix/auto-focus-menu-order
Fix Suggestion:
Update to version dev-fix/auto-focus-menu-order
woody-wordpress/woody-theme (PHP):
Affected version(s) =dev-feature/favOnMEA <dev-feature/feature/primaryBtnVar
Fix Suggestion:
Update to version dev-feature/feature/primaryBtnVar
bpocallaghan/titan (PHP):
Affected version(s) >=1.0.0 <1.0.2
Fix Suggestion:
Update to version 1.0.2
woody-wordpress/woody-theme (PHP):
Affected version(s) >=dev-fix/setLangOnRestApi <dev-fix/teaserTitle
Fix Suggestion:
Update to version dev-fix/teaserTitle
madhouse/craft-starter (PHP):
Affected version(s) >=1.0.5 <1.0.10
Fix Suggestion:
Update to version 1.0.10
woody-wordpress/woody-theme (PHP):
Affected version(s) >=dev-feature/highlightsCustomContent <dev-feature/humanizeSheetTitleBreadcrumb
Fix Suggestion:
Update to version dev-feature/humanizeSheetTitleBreadcrumb
tollwerk/tw-base (PHP):
Affected version(s) >=dev-develop <v1.0.0
Fix Suggestion:
Update to version v1.0.0
woody-wordpress/woody-theme (PHP):
Affected version(s) >=dev-misc/addBookingTabs <dev-newHawwwaiSheet
Fix Suggestion:
Update to version dev-newHawwwaiSheet
woody-wordpress/woody-theme (PHP):
Affected version(s) >=dev-feature/addDescriptionAttachmentPreview <dev-feature/addFilterLazyImgLandswprSlide
Fix Suggestion:
Update to version dev-feature/addFilterLazyImgLandswprSlide
woody-wordpress/woody-theme (PHP):
Affected version(s) =dev-feature/CheckSeoField <dev-feature/CleanupRewriteRules
Fix Suggestion:
Update to version dev-feature/CleanupRewriteRules
madhouse/craft-starter (PHP):
Affected version(s) =1.0.0 <dev-andrewmenich-patch-1
Fix Suggestion:
Update to version dev-andrewmenich-patch-1
bpocallaghan/laravel-admin-starter (PHP):
Affected version(s) >=dev-dependabot/npm_and_yarn/multi-9f37c16f8f <0.0.1
Fix Suggestion:
Update to version 0.0.1
woody-wordpress/woody-theme (PHP):
Affected version(s) =dev-feature/respCustomAcfmargins <dev-feature/responsiveOptions
Fix Suggestion:
Update to version dev-feature/responsiveOptions
woody-wordpress/woody-theme (PHP):
Affected version(s) >=dev-feature/tmapsLibrary <dev-feature/topicsEnhanced
Fix Suggestion:
Update to version dev-feature/topicsEnhanced
woody-wordpress/woody-theme (PHP):
Affected version(s) >=dev-feature/upgradeSwiperVersion <dev-feature/woody-animations
Fix Suggestion:
Update to version dev-feature/woody-animations
davyin/dyniva_ui (PHP):
Affected version(s) >=0.x-dev <dev-1.x-dev-lzy
Fix Suggestion:
Update to version dev-1.x-dev-lzy
bpocallaghan/titan (PHP):
Affected version(s) =1.2.0 <1.2.1
Fix Suggestion:
Update to version 1.2.1
pressgang-wp/pressgang (PHP):
Affected version(s) =dev-blurUpFixes <dev-master
Fix Suggestion:
Update to version dev-master
woody-wordpress/woody-theme (PHP):
Affected version(s) =dev-feature/addStationPicto <dev-feature/addTablePluginTinyMCE
Fix Suggestion:
Update to version dev-feature/addTablePluginTinyMCE
bpocallaghan/laravel-admin-starter (PHP):
Affected version(s) >=dev-dependabot/npm_and_yarn/browserslist-4.16.6 <dev-Laravel_5.2
Fix Suggestion:
Update to version dev-Laravel_5.2
woody-wordpress/woody-theme (PHP):
Affected version(s) >=dev-fix/fixTailleIconsTiktok <dev-fix/landing-swipers-button
Fix Suggestion:
Update to version dev-fix/landing-swipers-button
woody-wordpress/woody-theme (PHP):
Affected version(s) =dev-feature/EskaladProxy <dev-feature/GeoJSONMea
Fix Suggestion:
Update to version dev-feature/GeoJSONMea
woody-wordpress/woody-theme (PHP):
Affected version(s) >=dev-feature/addWrapButtonsAcf <dev-feature/addon-thumbnails
Fix Suggestion:
Update to version dev-feature/addon-thumbnails
woody-wordpress/woody-theme (PHP):
Affected version(s) >=dev-feature/flushOnSaveMenusOld <dev-feature/getPagePreviewJs
Fix Suggestion:
Update to version dev-feature/getPagePreviewJs
woody-wordpress/woody-theme (PHP):
Affected version(s) =dev-feature/addMenusBloc <dev-feature/addMoreContextTools
Fix Suggestion:
Update to version dev-feature/addMoreContextTools
woody-wordpress/woody-theme (PHP):
Affected version(s) =dev-feature/disableLazyfirstSlideOnly <dev-feature/displayAnchorIndexInSummary
Fix Suggestion:
Update to version dev-feature/displayAnchorIndexInSummary
woody-wordpress/woody-theme (PHP):
Affected version(s) =dev-gulp_migrate <dev-hideDraftPostsInMenu
Fix Suggestion:
Update to version dev-hideDraftPostsInMenu
etdsolutions/lazysizes (PHP):
Affected version(s) >=dev-master <=2.0.7
Fix Suggestion:
Update to version no_fix
pressgang-wp/pressgang (PHP):
Affected version(s) =dev-dependabot/npm_and_yarn/ini-1.3.7 <dev-timber-v2
Fix Suggestion:
Update to version dev-timber-v2
woody-wordpress/woody-theme (PHP):
Affected version(s) =dev-feature/termCache <dev-feature/theRoadBook
Fix Suggestion:
Update to version dev-feature/theRoadBook
webgene/webgene-project (PHP):
Affected version(s) =dev-master
Fix Suggestion:
Update to version no_fix
woody-wordpress/woody-theme (PHP):
Affected version(s) =dev-feature/messagesLumiplan <dev-feature/mixtGallery
Fix Suggestion:
Update to version dev-feature/mixtGallery
chibko/contao-bootstrap (PHP):
Affected version(s) >=dev-master <=4.4.x-dev
Fix Suggestion:
Update to version no_fix
woody-wordpress/woody-theme (PHP):
Affected version(s) =dev-bugfix/section_banner <dev-bugfix/sessionExpiration
Fix Suggestion:
Update to version dev-bugfix/sessionExpiration
davyin/dyniva_ui (PHP):
Affected version(s) =2.x-dev <2.1.x-dev
Fix Suggestion:
Update to version 2.1.x-dev
woody-wordpress/woody-theme (PHP):
Affected version(s) >=dev-feature/StringTranslation <dev-feature/TplPopin
Fix Suggestion:
Update to version dev-feature/TplPopin
woody-wordpress/woody-theme (PHP):
Affected version(s) >=dev-bugfix/add-img-on-list_content <dev-bugfix/createdFrom-function
Fix Suggestion:
Update to version dev-bugfix/createdFrom-function
bpocallaghan/titan (PHP):
Affected version(s) =dev-dependabot/npm_and_yarn/resources/assets_setup/color-string-1.6.0 <dev-dependabot/npm_and_yarn/resources/assets_setup/follow-redirects-1.14.7
Fix Suggestion:
Update to version dev-dependabot/npm_and_yarn/resources/assets_setup/follow-redirects-1.14.7
woody-wordpress/woody-theme (PHP):
Affected version(s) =dev-feature/singleProductTemplate <dev-feature/sitemap-inc
Fix Suggestion:
Update to version dev-feature/sitemap-inc
pressgang-wp/pressgang (PHP):
Affected version(s) =dev-dependabot/npm_and_yarn/websocket-extensions-0.1.4 <v1.x-dev
Fix Suggestion:
Update to version v1.x-dev
woody-wordpress/woody-theme (PHP):
Affected version(s) =dev-bugfix/sheetPreviewStartYear <dev-bugfix/unpublish
Fix Suggestion:
Update to version dev-bugfix/unpublish
woody-wordpress/woody-theme (PHP):
Affected version(s) =dev-feat/CheckBaliseH1 <1.1.0
Fix Suggestion:
Update to version 1.1.0
dnadesign/silverstripe-lazyloaded-image (PHP):
Affected version(s) =dev-master <0.1.0
Fix Suggestion:
Update to version 0.1.0
pressgang-wp/pressgang (PHP):
Affected version(s) =dev-dependabot/npm_and_yarn/path-parse-1.0.7 <dev-dependabot/npm_and_yarn/bl-1.2.3
Fix Suggestion:
Update to version dev-dependabot/npm_and_yarn/bl-1.2.3
woody-wordpress/woody-theme (PHP):
Affected version(s) >=dev-fix/cropRatioSITMEA <dev-fix/cta-and-text-padding
Fix Suggestion:
Update to version dev-fix/cta-and-text-padding
brunocfalcao/laraflash-website (PHP):
Affected version(s) >=dev-master <=v1.1.8
Fix Suggestion:
Update to version no_fix
woody-wordpress/woody-theme (PHP):
Affected version(s) =dev-addWeatherImg <dev-addWiconClassToPageTerms
Fix Suggestion:
Update to version dev-addWiconClassToPageTerms
pressgang-wp/pressgang (PHP):
Affected version(s) =dev-structure <dev-test
Fix Suggestion:
Update to version dev-test
woody-wordpress/woody-theme (PHP):
Affected version(s) >=dev-feature/enqueueLibraryMomentTz <dev-feature/faq-to-groups
Fix Suggestion:
Update to version dev-feature/faq-to-groups
woody-wordpress/woody-theme (PHP):
Affected version(s) =dev-master_legacy <dev-mirrorPageBreadcrumb
Fix Suggestion:
Update to version dev-mirrorPageBreadcrumb
derhaeuptling/contao-lazy-images (PHP):
Affected version(s) >=dev-dev <1.0.3
Fix Suggestion:
Update to version 1.0.3
Related Resources (1)
https://github.com/aFarkas/lazysizes/commit/3720ab8262552d4e063a38d8492f9490a231fd48
Do you need more information?
Contact Us
CVSS v4
Base Score:
8.3
Attack Vector
NETWORK
Attack Complexity
LOW
Attack Requirements
NONE
Privileges Required
NONE
User Interaction
PASSIVE
Vulnerable System Confidentiality
HIGH
Vulnerable System Integrity
NONE
Vulnerable System Availability
NONE
Subsequent System Confidentiality
HIGH
Subsequent System Integrity
NONE
Subsequent System Availability
NONE
CVSS v3
Base Score:
7.4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality
HIGH
Integrity
NONE
Availability
NONE