Lucene search
K

34 matches found

Nuclei
Nuclei
added 12 hours ago11 views

WordPress Accordions - Unauthenticated Settings Update

Unauthenticated WordPress Options Change vulnerability in Biplob Adhikari's Accordions plugin = 2.0.2 at WordPress. id: CVE-2022-33198 info: name: WordPress Accordions - Unauthenticated Settings Update author: riteshs4hu severity: critical description: | Unauthenticated WordPress Options Change...

9.8CVSS6AI score0.02654EPSS
Exploits0References4
NVD
NVD
added 2026/06/09 2:16 a.m.16 views

CVE-2026-10862

The Accordions plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Accordion body field in all versions up to, and including, 2.3.23 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Custom-level access and...

6.4CVSS0.00155EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/09 1:27 a.m.9 views

CVE-2026-10862 Accordions <= 2.3.23 - Authenticated (Custom+) Stored Cross-Site Scripting via Accordion Body Field

The Accordions plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Accordion body field in all versions up to, and including, 2.3.23 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Custom-level access and...

6.4CVSS5.7AI score0.00155EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/09 1:27 a.m.41 views

CVE-2026-10862 Accordions <= 2.3.23 - Authenticated (Custom+) Stored Cross-Site Scripting via Accordion Body Field

The Accordions plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Accordion body field in all versions up to, and including, 2.3.23 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Custom-level access and...

6.4CVSS0.00155EPSS
Exploits0References2
CVE
CVE
added 2026/06/09 1:27 a.m.23 views

CVE-2026-10862

CVE-2026-10862 affects the WordPress plugin Accordions (versions up to and including 2.3.23). The root cause is insufficient input sanitization and output escaping in the Accordion body field, enabling authenticated attackers with Custom-level access or higher to perform Stored Cross-Site Scripti...

6.4CVSS5.7AI score0.00155EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/09 1:27 a.m.13 views

EUVD-2026-35290

The Accordions plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Accordion body field in all versions up to, and including, 2.3.23 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Custom-level access and...

6.4CVSS5.7AI score0.00155EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/09 1:27 a.m.6 views

CVE-2026-10862

The Accordions plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Accordion body field in all versions up to, and including, 2.3.23 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Custom-level access and...

6.4CVSS5.7AI score0.00155EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.10 views

PT-2026-47629

The Accordions plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Accordion body field in all versions up to, and including, 2.3.23 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Custom-level access and...

6.4CVSS5.7AI score0.00155EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.12 views

WordPress plugin Accordions 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

6.4CVSS5.3AI score0.00155EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-40706

Malicious code in bioql PyPI...

7.2CVSS7.1AI score0.00881EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-48003

Malicious code in bioql PyPI...

4.8CVSS5.4AI score0.00404EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-36242

Malicious code in bioql PyPI...

9.8CVSS5.7AI score0.02654EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/23 10:8 a.m.6 views

CVE-2024-5946

The Squelch Tabs and Accordions Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘tab’ shortcode in all versions up to, and including, 0.4.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

6.4CVSS5.8AI score0.00337EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/05/04 12:47 p.m.12 views

CVE-2023-25962 WordPress Accordions Plugin <= 2.3.0 is vulnerable to Cross Site Scripting (XSS)

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Biplob Adhikari Accordion – Multiple Accordion or FAQs Builder plugin = 2.3.0 versions...

5.9CVSS5.6AI score0.00369EPSS
Exploits0References1
Patchstack
Patchstack
added 2023/02/22 12:0 a.m.12 views

WordPress Accordions Plugin <= 2.3.0 is vulnerable to Cross Site Scripting (XSS)

Software Accordions Type Plugin Vulnerable versions = 2.3.0 Fixed in 2.3.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-25962 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID f87fb23de704 Credits Rio Darmawan Required...

5.9CVSS6AI score0.00369EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2022/11/18 11:15 p.m.12 views

CVE-2022-45082

Multiple Auth. admin+ Stored Cross-Site Scripting XSS vulnerabilities in Accordions plugin = 2.0.3 on WordPress via &addons-style-name and &accordionsorfaqslicensekey...

4.8CVSS0.00404EPSS
Exploits0References2
OSV
OSV
added 2022/11/18 11:15 p.m.7 views

CVE-2022-45082

Multiple Auth. admin+ Stored Cross-Site Scripting XSS vulnerabilities in Accordions plugin = 2.0.3 on WordPress via &addons-style-name and &accordionsorfaqslicensekey...

4.8CVSS5.8AI score0.00404EPSS
Exploits0References2
Prion
Prion
added 2022/11/18 11:15 p.m.18 views

Cross site scripting

Multiple Auth. admin+ Stored Cross-Site Scripting XSS vulnerabilities in Accordions plugin = 2.0.3 on WordPress via &addons-style-name and &accordionsorfaqslicensekey...

4.3CVSS5AI score0.00404EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2022/11/18 9:59 p.m.66 views

CVE-2022-45082

The CVE-2022-45082 entries describe stored XSS in WordPress Accordions plugin versions

4.8CVSS4.6AI score0.00404EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2022/11/18 12:0 a.m.9 views

PT-2022-27403 · Accordion · Accordion

Name of the Vulnerable Software and Affected Versions: Accordions plugin versions prior to 2.0.4 Description: The issue concerns Stored Cross-Site Scripting XSS vulnerabilities. These vulnerabilities can be exploited via the &addons-style-name and &accordions or faqs license key parameters...

4.8CVSS5.1AI score0.00404EPSS
Exploits0References4
Rows per page
Query Builder