16 matches found
WordPress External Database Based Actions Plugin <= 0.1 is vulnerable to Privilege Escalation
Software External Database Based Actions Type Plugin Vulnerable versions = 0.1 Fixed in N/A OWASP Top 10 A7: Identification and Authentication Failures Classification Privilege Escalation CVE CVE-2024-10311 Patch priority High CVSS severity High 7.5 Developer Claim ownership PSID cd4901766574...
WordPress Simple Local Avatars Plugin <= 2.7.11 is vulnerable to Broken Access Control
Software Simple Local Avatars Type Plugin Vulnerable versions = 2.7.11 Fixed in 2.8.0 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-10786 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 717b24faeea4 Credits Trương Hữu Phúc...
szk.at Improper Access Control vulnerability OBB-3781993
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
WordPress Jetpack Plugin < 12.7 is vulnerable to Clickjacking
Software Jetpack Type Plugin Vulnerable versions 12.7 Fixed in 12.7 OWASP Top 10 A3: Injection Classification Clickjacking CVE CVE-2023-47774 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 18fefcc21cac Credits Rafie Muhammad Patchstack Required privilege Contributor...
WordPress Namaste! LMS Plugin <= 2.6.1.1 is vulnerable to Cross Site Scripting (XSS)
Software Namaste! LMS Type Plugin Vulnerable versions = 2.6.1.1 Fixed in 2.6.1.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-4602 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 31640ca97ff3 Credits Vincenzo Turturro...
perfectfittshirts.com Cross Site Scripting vulnerability OBB-3057588
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
truongthanhdanang.com Cross Site Scripting vulnerability OBB-2273348
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
endlich-frei-leben.de Cross Site Scripting vulnerability OBB-2273301
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
fireflysunsetresort.com Cross Site Scripting vulnerability OBB-2272806
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
xinchaobacsy.com Cross Site Scripting vulnerability OBB-2272335
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
markbelinsky.com XSS vulnerability
Open Bug Bounty ID: OBB-698686 Description| Value ---|--- Affected Website:| markbelinsky.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| hidden until disclosure Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| hidden...
wallpaperspic.pw XSS vulnerability
Vulnerable URL: http://wallpaperspic.pw/?s=1%3C!%27/%22/%27/%22/--%3E%3C/Script%3E%3CImage%20SrcSet=K%20/;%20OnError=confirmOPENBUGBOUNTY%20//%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 15.11.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed...
tittigirls.com XSS vulnerability
Vulnerable URL: http://tittigirls.com/main.php?nats=%22%3E%3Csvg/onload=prompt%28/XSSPOSED/%29%3E Details: Description| Value ---|--- Patched:| Yes, at 26.07.2017 Latest check for patch:| 26.07.2017 09:23 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown /...
fhg.grannybet.com XSS vulnerability
Vulnerable URL: http://fhg.grannybet.com/pics/0101905/index.php?nats=%22%3E%3Csvg/onload=prompt%28/XSSPOSED/%29%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 25.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not...
galleries.manojob.com XSS vulnerability
Vulnerable URL: http://galleries.manojob.com/templates/pics/40/index.php?nats=%22%3E%3Csvg/onload=prompt%28/XSSPOSED/%29%3E Details: Description| Value ---|--- Patched:| Yes, at 26.07.2017 Latest check for patch:| 26.07.2017 09:23 GMT Vulnerability type:| XSS Vulnerability status:| Publicly...
clssdomains.com XSS vulnerability
Vulnerable URL: http://www.clssdomains.com/cgi-bin/whois/whois.cgi?fqdn=%22%3E%3Csvg%2Fonload%3Dprompt%28%2FXSSPOSED%2F%29%3E=.com=Search+Domain+Records Details: Description| Value ---|--- Patched:| No Latest check for patch:| 25.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly...