Lucene search
+L

7 matches found

CNVD
CNVD
added 2022/03/04 12:0 a.m.22 views

WordPress 15Zine cross-site scripting vulnerability

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Wordpress Foundation. The platform supports the hosting of personal blog sites on servers with PHP and MySQL. cross-site scripting vulnerability exists in versions prior to Wordpress 15Zine 3.3.0, which ste...

6.1CVSS0.9AI score0.02602EPSS
Exploits2References1
Prion
Prion
added 2022/02/28 9:15 a.m.9 views

Cross site scripting

The 15Zine WordPress theme before 3.3.0 does not sanitise and escape the cbi parameter before outputing it back in the response via the cbsa AJAX action, leading to a Reflected Cross-Site Scripting...

4.3CVSS6AI score0.02602EPSS
Exploits2References1Affected Software1
Cvelist
Cvelist
added 2022/02/28 9:6 a.m.18 views

CVE-2020-36510 15Zine < 3.3.0 - Reflected Cross-Site Scripting

The 15Zine WordPress theme before 3.3.0 does not sanitise and escape the cbi parameter before outputing it back in the response via the cbsa AJAX action, leading to a Reflected Cross-Site Scripting...

6AI score0.02602EPSS
Exploits2References1
CVE
CVE
added 2022/02/28 9:6 a.m.89 views

CVE-2020-36510

CVE-2020-36510 – WordPress 15Zine &lt; 3.3.0 The 15Zine WordPress theme prior to version 3.3.0 fails to sanitize/escape the cbi parameter when echoing it back in the HTTP response via the cb_s_a AJAX action, causing a reflected Cross-Site Scripting (XSS) vulnerability. Affected product: WordPress...

6.1CVSS6AI score0.02602EPSS
Exploits2References1Affected Software1
wpexploit
wpexploit
added 2022/02/23 12:0 a.m.12 views

15Zine < 3.3.0 - Reflected Cross-Site Scripting

Description The theme does not sanitise and escape the cbi parameter before outputing it back in the response via the cbsa AJAX action, leading to a Reflected Cross-Site Scripting https://example.com/wp-admin/admin-ajax.php?action=cbsa&cbi=alert/XSS/;...

6.1CVSS6.1AI score0.02602EPSS
Exploits2
WPVulnDB
WPVulnDB
added 2022/02/23 12:0 a.m.9 views

15Zine < 3.3.0 - Reflected Cross-Site Scripting

Description The theme does not sanitise and escape the cbi parameter before outputing it back in the response via the cbsa AJAX action, leading to a Reflected Cross-Site Scripting PoC https://example.com/wp-admin/admin-ajax.php?action=cbsa=...

6.1CVSS6AI score0.02602EPSS
Exploits2
Patchstack
Patchstack
added 2020/09/21 12:0 a.m.27 views

WordPress 15zine premium theme <= 3.2.2 - Reflected Cross-Site Scripting (XSS) vulnerability

Reflected Cross-Site Scripting XSS vulnerability discovered by Fariq Fadillah Gusti Insani in WordPress 15zine premium theme versions = 3.2.2. Solution Update the WordPress 15zine premium theme to the latest available version at least 3.3.0...

6.1CVSS2AI score0.02602EPSS
Exploits2References3Affected Software1
Rows per page
Query Builder