skechers.com Cross Site Scripting vulnerability OBB-3847669

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

WordPress Knowledge Base for Documentation, FAQs with AI Assistance Plugin <= 11.30.2 is vulnerable to PHP Object Injection

Software Knowledge Base for Documentation, FAQs with AI Assistance Type Plugin Vulnerable versions = 11.30.2 Fixed in 11.31.0 OWASP Top 10 A3: Injection Classification PHP Object Injection CVE CVE-2024-24842 Patch priority High CVSS severity High 8.7 Developer Claim ownership PSID 6e74033eecde...

WordPress Magazine Edge Theme <= 1.13 is vulnerable to Broken Authentication

Software Magazine Edge Type Theme Vulnerable versions = 1.13 Fixed in N/A OWASP Top 10 A2: Broken Authentication Classification Broken Authentication CVE CVE-2023-25068 Patch priority Medium CVSS severity Medium 4.3 Developer Claim ownership PSID 9064016ee308 Credits Dave Jong Patchstack Required...

WordPress Jobs for WordPress Plugin <= 2.5.11.2 is vulnerable to Cross Site Scripting (XSS)

Software Jobs for WordPress Type Plugin Vulnerable versions = 2.5.11.2 Fixed in 2.6.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2022-44743 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 9031f3e3273b Credits thiennv Required...

WordPress 1003 Mortgage Application Plugin <= 1.75 is vulnerable to Arbitrary File Download

Software 1003 Mortgage Application Type Plugin Vulnerable versions = 1.75 Fixed in 1.80 OWASP Top 10 A5: Broken Access Control Classification Arbitrary File Download CVE CVE-2022-45368 Patch priority High CVSS severity High 7.7 Developer Claim ownership PSID 541a2fe842ed Credits Rodrigo Escobar...

WordPress Multi Rating Plugin <= 5.0.5 is vulnerable to Cross Site Request Forgery (CSRF)

Software Multi Rating Type Plugin Vulnerable versions = 5.0.5 Fixed in 5.0.6 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2022-47443 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 1dcbbd6b8544 Credits rezaduty Required...

WordPress Album and Image Gallery plus Lightbox Plugin <= 1.6.2 is vulnerable to Broken Access Control

Software Album and Image Gallery plus Lightbox Type Plugin Vulnerable versions = 1.6.2 Fixed in 1.6.3 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-25060 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID dd001a553b6f Credits Cat...

WordPress Auto Affiliate Links Plugin <= 6.3 is vulnerable to Cross Site Request Forgery (CSRF)

Software Auto Affiliate Links Type Plugin Vulnerable versions = 6.3 Fixed in 6.3.0.1 OWASP Top 10 A8: Cross Site Request Forgery CSRF Classification Cross Site Request Forgery CSRF CVE CVE-2023-22689 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 6689a92a0421 Credits...

WordPress Posts and Users Stats Plugin <= 1.1.3 is vulnerable to CSV Injection

Software Posts and Users Stats Type Plugin Vulnerable versions = 1.1.3 Fixed in 1.1.4 OWASP Top 10 A1: Injection Classification CSV Injection CVE CVE-2022-44738 Patch priority Low CVSS severity Low 5.8 Developer Claim ownership PSID adb9c8d12136 Credits Mika Required privilege Subscriber Publishe...

sikkensvr.com Cross Site Scripting vulnerability OBB-2355929

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

oldechurch.com Cross Site Scripting vulnerability OBB-2355515

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

thailovelines.com Improper Access Control vulnerability OBB-2355449

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

ochu.co.kr XSS vulnerability

Open Bug Bounty ID: OBB-551910 Description| Value ---|--- Affected Website:| ochu.co.kr Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

14.231.170.41 XSS vulnerability

Open Bug Bounty ID: OBB-551832 Description| Value ---|--- Affected Website:| 14.231.170.41 Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

watsoncars.co.uk XSS vulnerability

Open Bug Bounty ID: OBB-391195 Description| Value ---|--- Affected Website:| watsoncars.co.uk Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention Cheat...

himeji.lover.ms XSS vulnerability

Vulnerable URL: http://himeji.lover.ms/gals.php?staffid=3830 Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP website status:| No Check himeji.lover.ms SSL connection:| Grade: F...