22 matches found
langexam.com Cross Site Scripting vulnerability OBB-3939315
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
jagatvision.co.in Cross Site Scripting vulnerability OBB-3939284
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
WordPress The Ultimate WordPress Toolkit – WP Extended Plugin <= 2.4.7 is vulnerable to Cross Site Scripting (XSS)
Software: The Ultimate WordPress Toolkit – WP Extended; Type: Plugin; Vulnerable versions: <= 2.4.7; Fixed in: 3.0.0; OWASP Top 10: A3: Injection; Classification: Cross Site Scripting (XSS); CVE: CVE-2024-37259; Patch priority: Medium; CVSS severity: Medium (7.1); Developer: WP Extended; PSID: 6e88ac2a1e7f; Credits: Yudisti...
WordPress Kadence Blocks Pro Plugin < 2.3.8 is vulnerable to Broken Access Control
Software: Kadence Blocks Pro; Type: Plugin; Vulnerable versions: < 2.3.8; Fixed in: 2.3.8; OWASP Top 10: A1: Broken Access Control; Classification: Broken Access Control; CVE: CVE-2024-1330; Patch priority: Low; CVSS severity: Low (4.3); Developer: KadenceWP; PSID: 0488c91e76be; Credits: Scott Kingsley Clark; Required...
WordPress Formidable Forms Plugin < 6.3.1 is vulnerable to Remote Code Execution (RCE)
Software: Formidable Forms; Type: Plugin; Vulnerable versions: < 6.3.1; Fixed in: 6.3.1; OWASP Top 10: A1: Injection; Classification: Remote Code Execution (RCE); CVE: CVE-2023-2877; Patch priority: High; CVSS severity: High (9.9); Developer: Claim ownership; PSID: 64ee0a3444e8; Credits: Alex Sanford; Required privilege...
WordPress Booked Plugin < 2.4.4 is vulnerable to Sensitive Data Exposure
Software: Booked; Type: Plugin; Vulnerable versions: < 2.4.4; Fixed in: 2.4.4; OWASP Top 10: A3: Sensitive Data Exposure; Classification: Sensitive Data Exposure; CVE: CVE-2022-36399; Patch priority: Low; CVSS severity: Low (5.3); Developer: Claim ownership; PSID: 0ab671e26c14; Credits: coogee86; Required privilege...
Threat Roundup for May 27 to June 3
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between May 27 and June 3. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics,...
mail.agenziatravel.com Cross Site Scripting vulnerability OBB-1208683
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence...
mail.03teknoloji.net Cross Site Scripting vulnerability OBB-1208676
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence...
phatcode.net Cross Site Scripting vulnerability OBB-1208668
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence...
lds.com.np Cross Site Scripting vulnerability OBB-1208420
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence...
wineworldny.com Cross Site Scripting vulnerability OBB-1208163
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence...
sega.com Cross Site Scripting vulnerability OBB-1207956
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence...
lehrertaschen-vergleich.de Cross Site Scripting vulnerability OBB-1207952
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence...
deltawineandmore.com Cross Site Scripting vulnerability OBB-1207896
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence...
mominbalance.com Cross Site Scripting vulnerability
Security Researcher g0bl1nsec (helped patch 3608 vulnerabilities; received 4 Coordinated Disclosure badges; received 3 recommendations), a holder of 4 badges for responsible and coordinated disclosure, found a security vulnerability affecting mominbalance.com website and its users. Following...
zupjeunesnogent.fr XSS vulnerability
Open Bug Bounty ID: OBB-637622

Description | Value
---|---
Affected Website: | zupjeunesnogent.fr
Open Bug Bounty Program: | Create your bounty program now. It's open and free.
Vulnerable Application: | Other
Vulnerability Type: | XSS Cross Site Scripting / CWE-79
CVSSv3 Score: | 6.1...
werkenineenhotel.nl XSS vulnerability
Vulnerable URL: https://www.werkenineenhotel.nl/hotelvacaturesbanenbijbanenstage/?companygroupid=ratingid==availabilityid==a%27aa%22%3E%3Cimg%20src=x%20onerror=prompt/OPENBUGBOUNTY/%3E==Zoeken
Details:

Description | Value
---|---
Patched: | Yes, at 26.11.2017
Latest check for patch: | 26.11.2017 15:...
emerx.cz XSS vulnerability
Vulnerable URL: https://www.emerx.cz/hledani?s=%3C%2Fscript%3E%3Cimg+src%3Dx+onerror%3Dprompt%28%2FXSSPOSED%2F%29%3E=HLEDAT=92=searchForm-submit
Details:

Description | Value
---|---
Patched: | No
Latest check for patch: | 01.08.2017
Vulnerability type: | XSS
Vulnerability status: | Publicly disclosed...
facebook.com Open Redirect vulnerability
Vulnerable URL:...