Description
XSS issues were discovered in phpMyAdmin. This affects navigation pane and database/table hiding feature (a specially-crafted database name can be used to trigger an XSS attack); the "Tracking" feature (a specially-crafted query can be used to trigger an XSS attack); and GIS visualization feature. All 4.6.x versions (prior to 4.6.4) and 4.4.x versions (prior to 4.4.15.8) are affected.
Remediation
References
Related Vulnerabilities
WordPress Plugin Product Catalog Arbitrary File Upload (3.1.1)
WordPress Plugin GiveWP-Donation and Fundraising Platform PHP Object Injection (2.3.0)
Chamilo Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2023-4225)
WordPress Plugin WordPress Download Manager Multiple Vulnerabilities (3.1.24)
WordPress Plugin Woo Email Control Cross-Site Scripting (1.01)