20 matches found
WordPress WIP Incoming Lite Plugin <= 1.1.1 is vulnerable to Cross Site Scripting (XSS)
Software WIP Incoming Lite Type Plugin Vulnerable versions = 1.1.1 Fixed in 1.1.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-11416 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID d449e884123c Credits SOPROBRO Requir...
WordPress Grip Theme <= 1.0.9 is vulnerable to Arbitrary File Upload
Software Grip Type Theme Vulnerable versions = 1.0.9 Fixed in N/A OWASP Top 10 A3: Injection Classification Arbitrary File Upload CVE CVE-2024-52488 Patch priority High CVSS severity High 9.9 Developer Claim ownership PSID b55cacdb5723 Credits Mika Required privilege Subscriber Published 20...
WordPress SuevaFree Essential Kit Plugin <= 1.1.3 is vulnerable to Cross Site Scripting (XSS)
Software SuevaFree Essential Kit Type Plugin Vulnerable versions = 1.1.3 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-11432 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID a56ca15d2b5b Credits zakaria Required...
bureauijui.com.br Improper Access Control vulnerability OBB-3788581
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
tkdjeongsin.be Improper Access Control vulnerability OBB-3788378
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
atomyze.ru Cross Site Scripting vulnerability OBB-3787928
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
charlesdefoucauld.org Cross Site Scripting vulnerability OBB-3787500
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
goodwins.ie Cross Site Scripting vulnerability OBB-3787485
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
leloftsaintbrice.fr Cross Site Scripting vulnerability OBB-3787147
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
comprehensivepainmd.com Cross Site Scripting vulnerability OBB-3787032
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
WordPress PayTR Taksit Tablosu Plugin <= 1.3.1 is vulnerable to Broken Access Control
Software PayTR Taksit Tablosu Type Plugin Vulnerable versions = 1.3.1 Fixed in 1.3.2 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-47847 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 9835cf00a16a Credits Abdi Pranata Required...
WordPress wpForo Forum Plugin <= 2.2.5 is vulnerable to Content Injection
Software wpForo Forum Type Plugin Vulnerable versions = 2.2.5 Fixed in 2.2.6 OWASP Top 10 A1: Broken Access Control Classification Content Injection CVE CVE-2023-47869 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID e9607ec97842 Credits Jesse McNeil Required privilege...
getid.com Improper Access Control vulnerability OBB-2277074
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
backlinkwatch.com XSS vulnerability
Open Bug Bounty ID: OBB-700447 Description| Value ---|--- Affected Website:| backlinkwatch.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| hidden until disclosure Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| hidde...
playadelcarmen.com XSS vulnerability
Open Bug Bounty ID: OBB-699645 Description| Value ---|--- Affected Website:| playadelcarmen.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
theeroticreview.com XSS vulnerability
Open Bug Bounty ID: OBB-427210 Description| Value ---|--- Affected Website:| theeroticreview.com Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention Che...
accounts.digikala.com Open Redirect vulnerability
Open Bug Bounty ID: OBB-424064 Description| Value ---|--- Affected Website:| accounts.digikala.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| Open Redirect / CWE-601 CVSSv3 Score:| 3.4...
kbsa.org.uk Open Redirect vulnerability
On the 19.11.2017 security researcher reported a Open Redirect vulnerability affecting the kbsa.org.uk website via the Open Bug Bounty coordinated vulnerability disclosure program. Coordinated Disclosure Timeline: Description| Value ---|--- Vulnerability submitted via Open Bug Bounty| 19 November...
stonehavensouthchurch.org.uk Open Redirect vulnerability
Open Bug Bounty ID: OBB-423425 Description| Value ---|--- Affected Website:| stonehavensouthchurch.org.uk Vulnerable Application:| Custom Code Vulnerability Type:| Open Redirect / CWE-601 CVSSv3 Score:| 3.4 CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:L/A:N Remediation Guide:| OWASP Open Redirect Cheat...
pushkino.pw Open Redirect vulnerability
Vulnerable URL: http://pushkino.pw/redirect?url=https://www.openbugbounty.org Details: Description| Value ---|--- Patched:| Yes, at 28.07.2017 Latest check for patch:| 28.07.2017 10:48 GMT Vulnerability type:| Open Redirect Vulnerability status:| Publicly disclosed Alexa Rank| 29169291 VIP websit...