CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

88 matches found

Positive Technologies•added 2024/10/06 12:0 a.m.•9 views

PT-2024-30912 · WordPress · Kevon Adonis Wp Abstracts

Name of the Vulnerable Software and Affected Versions: Kevon Adonis WP Abstracts versions 2.6.5 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS, which allows Stored XSS. This means that an attacke...

5.9CVSS6.5AI score0.00287EPSS

Exploits0References7

CNNVD•added 2024/10/06 12:0 a.m.•2 views

WordPress plugin WP Abstracts 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

5.9CVSS6.2AI score0.00287EPSS

Exploits0References2

Patchstack•added 2024/09/23 5:18 p.m.•10 views

WordPress WP Abstracts plugin <= 2.6.5 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by jsjp Patchstack Alliance in WordPress Plugin WP Abstracts versions = 2.6.5...

5.9CVSS6.1AI score0.00287EPSS

Exploits0Affected Software1

Patchstack•added 2024/09/23 12:0 a.m.•10 views

WordPress WP Abstracts Plugin <= 2.6.5 is vulnerable to Cross Site Scripting (XSS)

Software WP Abstracts Type Plugin Vulnerable versions = 2.6.5 Fixed in 2.7.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-44045 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID d042c5d49f7e Credits jsjp Required privilege Administrator...

5.9CVSS6.5AI score0.00287EPSS

Exploits0References2Affected Software1

Openbugbounty•added 2024/03/19 3:9 a.m.•7 views

abstracts.boku.ac.at Cross Site Scripting vulnerability OBB-3878463

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score

Exploits0

OSV•added 2023/08/30 4:15 p.m.•3 views

CVE-2023-28692

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Kevon Adonis WP Abstracts plugin = 2.6.3 versions...

4.8CVSS5.8AI score0.00402EPSS

Exploits1References1

Prion•added 2023/08/30 4:15 p.m.•18 views

Cross site scripting

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Kevon Adonis WP Abstracts plugin = 2.6.3 versions...

4.3CVSS4.8AI score0.00402EPSS

Exploits1References1Affected Software1

CVE•added 2023/08/30 3:27 p.m.•40 views

CVE-2023-28692

CVE-2023-28692 affects the WordPress WP Abstracts plugin (Kevon Adonis) ≤ 2.6.3. The vulnerability is a stored XSS that requires admin+ privileges. Multiple sources (WP Vulnerability DB, Red Hat, Patchstack) confirm the vulnerable version range and indicate the fix is available in 2.6.4. Impact i...

5.9CVSS4.9AI score0.00402EPSS

Exploits1References1Affected Software1

Vulnrichment•added 2023/08/30 3:27 p.m.•6 views

CVE-2023-28692 WordPress WP Abstracts Plugin <= 2.6.3 is vulnerable to Cross Site Scripting (XSS)

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Kevon Adonis WP Abstracts plugin = 2.6.3 versions...

5.9CVSS5.4AI score0.00402EPSS

Exploits1References1

CNNVD•added 2023/08/30 12:0 a.m.•2 views

WordPress plugin WP Abstracts 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...

5.9CVSS5AI score0.00402EPSS

Exploits1References2

OSV•added 2023/07/21 8:24 p.m.•17 views

GHSA-FMQQ-25X9-C6HM Indico vulnerable to Cross-Site-Scripting via confirmation prompts

Impact There is a Cross-Site-Scripting vulnerability in confirmation prompts commonly used when deleting content from Indico. Exploitation requires someone with at least submission privileges such as a speaker and then someone else to attempt to delete this content. Considering that event...

5.4CVSS5.3AI score0.00433EPSS

Exploits0References7

OSV•added 2023/07/11 9:15 a.m.•3 views

CVE-2023-36517

Cross-Site Request Forgery CSRF vulnerability in Kevon Adonis WP Abstracts plugin = 2.6.2 versions...

8.8CVSS5.8AI score0.00214EPSS

Exploits0References1

NVD•added 2023/07/11 9:15 a.m.•11 views

CVE-2023-36517

Cross-Site Request Forgery CSRF vulnerability in Kevon Adonis WP Abstracts plugin = 2.6.2 versions...

8.8CVSS5.8AI score0.00214EPSS

Exploits0References1

Prion•added 2023/07/11 9:15 a.m.•18 views

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in Kevon Adonis WP Abstracts plugin = 2.6.2 versions...

6.8CVSS8.7AI score0.00214EPSS

Exploits0References1Affected Software1

CVE•added 2023/07/11 8:2 a.m.•53 views

CVE-2023-36517

CVE-2023-36517 is a Cross-Site Request Forgery (CSRF) vulnerability in the WP Abstracts/Manuscripts Manager plugin for WordPress (Kevon Adonis WP Abstracts) affecting versions

8.8CVSS6.4AI score0.00214EPSS

Exploits0References1Affected Software1

Vulnrichment•added 2023/07/11 8:2 a.m.•28 views

CVE-2023-36517 WordPress WP Abstracts Plugin <= 2.6.2 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in Kevon Adonis WP Abstracts plugin = 2.6.2 versions...

4.3CVSS7.1AI score0.00214EPSS

Exploits0References1

CNNVD•added 2023/07/11 12:0 a.m.•3 views

WordPress Plugin WP Abstracts 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forgery...

8.8CVSS8.1AI score0.00214EPSS

Exploits0References2

WPVulnDB•added 2023/06/27 12:0 a.m.•21 views

WP Abstracts <= 2.6.2 - Cross-Site Request Forgery

The plugin does not sufficiently verify requests use nonces, leading to a CSRF vulnerability...

8.8CVSS6.8AI score0.00214EPSS

Exploits0References1Affected Software1

Patchstack•added 2023/06/27 12:0 a.m.•13 views

WordPress WP Abstracts Plugin <= 2.6.2 is vulnerable to Cross Site Request Forgery (CSRF)

Software WP Abstracts Type Plugin Vulnerable versions = 2.6.2 Fixed in 2.6.3 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-36517 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID a8178ceb0ff9 Credits qilin99 Required...

8.8CVSS6.6AI score0.00214EPSS

Exploits0References2Affected Software1

Patchstack•added 2023/06/27 12:0 a.m.•10 views

WordPress WP Abstracts Plugin <= 2.6.3 is vulnerable to Cross Site Scripting (XSS)

Software WP Abstracts Type Plugin Vulnerable versions = 2.6.3 Fixed in 2.6.4 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-28692 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID d24a94d01c26 Credits qilin99 Required privilege...

5.9CVSS5.8AI score0.00402EPSS

Exploits1References2Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by