12 matches found
CVE-2026-34796
creationtimestamp| type| source ---|---|--- 2026-04-02 17:09:23+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mijp3i6wu72j 2026-04-02 17:38:00+00:00| seen| Telegram/-NvE3DOHeY-1Q0zG5YCstM01cFOFdgBxqrRb0oXZGokSQ 2026-04-03 07:09:34+00:00| seen|...
MAL-2025-34796 Malicious code in test-mlw1-lisle-jougs (npm)
The package test-mlw1-lisle-jougs was found to contain malicious code...
CVE-2024-34796
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in AccessAlly PopupAlly allows Stored XSS.This issue affects PopupAlly: from n/a through 2.1.1...
CVE-2024-34796
CVE-2024-34796 is a stored XSS for AccessAlly PopupAlly (WordPress PopupAlly) affecting versions up to 2.1.1, per Red Hat and CVE records. The vulnerability arises from improper neutralization of input during web page generation. The connected Red Hat advisory reiterates the same description and ...
CVE-2024-34796 WordPress PopupAlly plugin <= 2.1.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in AccessAlly PopupAlly allows Stored XSS.This issue affects PopupAlly: from n/a through 2.1.1...
CVE-2024-34796 WordPress PopupAlly plugin <= 2.1.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in AccessAlly PopupAlly allows Stored XSS.This issue affects PopupAlly: from n/a through 2.1.1...
WordPress PopupAlly Plugin <= 2.1.1 is vulnerable to Cross Site Scripting (XSS)
Software PopupAlly Type Plugin Vulnerable versions = 2.1.1 Fixed in 2.1.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-34796 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID d37861f72276 Credits alfido osdie Patchstack Alliance Required...
CVE-2023-34796
Cross site scripting XSS vulnerabiliy in dmarcts-report-viewer dashboard versions 1.1 and thru commit 8a1d882b4c481a05e296e9b38a7961e912146a0f, allows unauthenticated attackers to execute arbitrary code via the orgname or domain values...
CVE-2023-34796
The CVE-2023-34796 entry concerns a Cross-Site Scripting vulnerability in dmarcts-report-viewer dashboard versions 1.1 up to commit 8a1d882b4c481a05e296e9b38a7961e912146a0f. The underlying issue allows an unauthenticated attacker to execute arbitrary code via the org_name or domain values. The CV...
CVE-2022-34796
CVE-2022-34796 affects Jenkins Deployment Dashboard Plugin 1.0.10 and earlier. The root cause is a missing permission check on several HTTP endpoints, enabling attackers with Overall/Read permission to enumerate credential IDs stored in Jenkins, resulting in information disclosure. Practical impa...
CVE-2025-34796
This CVE entry is rejected/not used and does not represent an active vulnerability.
CVE-2025-34796
...