Lucene search
+L

19 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-17291

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00215EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-57501

Malicious code in bioql PyPI...

6.4CVSS6.4AI score0.0045EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-54729

Malicious code in bioql PyPI...

6.4CVSS6.4AI score0.00436EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/06/08 1:19 p.m.4 views

CVE-2025-49242

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in sevenspark Bellows Accordion Menu bellows-accordion-menu allows Stored XSS.This issue affects Bellows Accordion Menu: from n/a through = 1.4.3...

6.5CVSS5.9AI score0.00215EPSS
Exploits0References1
NVD
NVD
added 2025/06/06 1:15 p.m.6 views

CVE-2025-49242

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in sevenspark Bellows Accordion Menu bellows-accordion-menu allows Stored XSS.This issue affects Bellows Accordion Menu: from n/a through = 1.4.3...

6.5CVSS0.00215EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/06/06 12:53 p.m.4 views

CVE-2025-49242 WordPress Bellows Accordion Menu plugin <= 1.4.3 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in sevenspark Bellows Accordion Menu bellows-accordion-menu allows Stored XSS.This issue affects Bellows Accordion Menu: from n/a through = 1.4.3...

6.5CVSS5.9AI score0.00215EPSS
Exploits0References1
CVE
CVE
added 2025/06/06 12:53 p.m.35 views

CVE-2025-49242

CVE-2025-49242 is a stored XSS vulnerability in Bellows Accordion Menu for WordPress (Improper Neutralization of Input During Web Page Generation). Affected versions: Bellows Accordion Menu up to and including 1.4.3. Impact per available docs: stored cross-site scripting; remediation is to update...

6.5CVSS5.9AI score0.00215EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/06/06 12:53 p.m.15 views

CVE-2025-49242 WordPress Bellows Accordion Menu plugin <= 1.4.3 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in sevenspark Bellows Accordion Menu bellows-accordion-menu allows Stored XSS.This issue affects Bellows Accordion Menu: from n/a through = 1.4.3...

6.5CVSS0.00215EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/06/06 12:0 a.m.2 views

PT-2025-24205 · Sevenspark · Sevenspark Bellows Accordion Menu

Name of the Vulnerable Software and Affected Versions: sevenspark Bellows Accordion Menu versions 1.4.3 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means that an...

6.5CVSS6.2AI score0.00215EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/06/06 12:0 a.m.5 views

WordPress plugin Bellows Accordion Menu 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in...

6.5CVSS6AI score0.00215EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/06/05 12:6 a.m.8 views

WordPress Bellows Accordion Menu plugin <= 1.4.3 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by muhammad yudha in WordPress Plugin Bellows Accordion Menu versions = 1.4.3...

6.5CVSS6AI score0.00215EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/11/03 12:0 a.m.11 views

Bellows Accordion Menu < 1.4.3 - Contributor+ Stored Cross-Site Scripting

Description The plugin does not adequately sanitize user-supplied attributes in shortcodes, nor does it correctly escape output. This can lead to injection of arbitrary web scripts in pages by authenticated users with contributor-level permissions...

6.4CVSS6.5AI score0.0045EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2023/10/30 2:15 p.m.3 views

CVE-2023-5164

The Bellows Accordion Menu plugin for WordPress is vulnerable to Stored Cross-Site Scripting via shortcodes in versions up to, and including, 1.4.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with...

5.4CVSS7AI score0.0045EPSS
Exploits0References3
CVE
CVE
added 2023/10/30 1:48 p.m.68 views

CVE-2023-5164

The Bellows Accordion Menu plugin for WordPress is affected by a stored XSS in shortcode attributes (versions up to and including 1.4.2) due to insufficient input sanitization and output escaping. Exploitation requires authenticated access at contributor level or higher, enabling injection of scr...

6.4CVSS5.2AI score0.0045EPSS
Exploits0References4Affected Software1
CNNVD
CNNVD
added 2023/10/30 12:0 a.m.5 views

WordPress Plugin Bellows Accordion Menu Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

6.4CVSS6.1AI score0.0045EPSS
Exploits0References4
Patchstack
Patchstack
added 2023/10/29 12:0 a.m.12 views

WordPress Bellows Accordion Menu Plugin <= 1.4.2 is vulnerable to Cross Site Scripting (XSS)

Software Bellows Accordion Menu Type Plugin Vulnerable versions = 1.4.2 Fixed in 1.4.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-5164 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 390a77233aee Credits István Márton...

6.4CVSS5.7AI score0.0045EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2023/09/12 1:52 a.m.7 views

CVE-2023-4890 JQuery Accordion Menu Widget <= 3.1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

The JQuery Accordion Menu Widget plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'dcwp-jquery-accordion' shortcode in versions up to, and including, 3.1.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

6.4CVSS6.8AI score0.00436EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/09/12 12:0 a.m.7 views

WordPress Plugin JQuery Accordion Menu Widget Cross Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

6.4CVSS5.8AI score0.00436EPSS
Exploits0References5
Patchstack
Patchstack
added 2023/09/11 12:0 a.m.9 views

WordPress JQuery Accordion Menu Widget Plugin <= 3.1.2 is vulnerable to Cross Site Scripting (XSS)

Software JQuery Accordion Menu Widget Type Plugin Vulnerable versions = 3.1.2 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-4890 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 4715a521c168 Credits Lana Codes...

6.4CVSS6AI score0.00436EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder