Lucene search

K

Florist Site Security Vulnerabilities

cve
cve

CVE-2023-2957

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Lisa Software Florist Site allows SQL Injection.This issue affects Florist Site: before...

9.8CVSS

9.7AI Score

0.001EPSS

2023-07-13 08:15 AM
13
cve
cve

CVE-2022-1113

The Flower Delivery by Florist One WordPress plugin through 3.7 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfiltered_html capability is disallowed (for example in multisite...

4.8CVSS

4.6AI Score

0.001EPSS

2022-06-27 09:15 AM
57
6