11 matches found
CVE-2025-58822
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in mndpsingh287 WP Mail wp-mail allows DOM-Based XSS.This issue affects WP Mail: from n/a through = 1.3...
PT-2024-36123 · Unknown · Think201 Easy Replace
Name of the Vulnerable Software and Affected Versions: Think201 Easy Replace versions n/a through 1.3 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting. This allows for Stored XSS attacks. Recommendations: For...
PT-2024-32593 · Unknown · Ashraf Xltab
Name of the Vulnerable Software and Affected Versions: Ashraf XLTab – Accordions and Tabs for Elementor Page Builder versions 1.3 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for...
PT-2024-24578 · Unknown · Ads.Txt Admin
Name of the Vulnerable Software and Affected Versions: Ads.Txt Admin versions 1.3 and earlier Description: A Cross-Site Request Forgery CSRF issue affects the Ads.Txt Admin. This is a type of attack where an attacker tricks a user into performing unintended actions on a web application that the...
PT-2024-13904 · Ibm · Ibm Powersc
Name of the Vulnerable Software and Affected Versions: IBM PowerSC versions 1.3 through 2.1 Description: The issue is related to the use of insecure HTTP methods, which could allow a remote attacker to perform unauthorized file request modification. Recommendations: For versions 1.3 through 2.1,...
PT-2024-14020 · Ibm · Ibm Powersc
Name of the Vulnerable Software and Affected Versions: IBM PowerSC versions 1.3 through 2.1 Description: The issue is related to the use of weaker than expected cryptographic algorithms, which could allow an attacker to decrypt highly sensitive information. Recommendations: For IBM PowerSC versio...
PT-2024-19306 · Unknown · Elise Bosse Frontpage Manager
Name of the Vulnerable Software and Affected Versions: Elise Bosse Frontpage Manager versions 1.3 and earlier Description: The issue is a Cross-Site Request Forgery CSRF vulnerability. This type of vulnerability allows an attacker to trick a user into performing unintended actions on a web...
PT-2023-25141 · Unknown · Abhay Yadav Breadcrumb Simple Plugin
Name of the Vulnerable Software and Affected Versions: Abhay Yadav Breadcrumb simple plugin versions 1.3 and earlier Description: The issue is related to a Stored Cross-Site Scripting XSS vulnerability that affects authenticated administrators. This vulnerability allows an attacker to inject...
PT-2022-20420 · Jenkins · Jenkins +1
Name of the Vulnerable Software and Affected Versions: Jenkins Multiselect parameter Plugin versions 1.3 and earlier Description: The issue results in a stored cross-site scripting XSS vulnerability, which is exploitable by attackers with Item/Configure permission. This occurs because the plugin...
PT-2015-5280 · Elastic · Elasticsearch
Name of the Vulnerable Software and Affected Versions: Elasticsearch versions 1.3.x through 1.3.7 Elasticsearch versions 1.4.x through 1.4.2 Description: The Groovy scripting engine in Elasticsearch allows remote attackers to bypass the sandbox protection mechanism and execute arbitrary shell...
PT-2003-2178 · Microsoft +1 · Windows +1
Name of the Vulnerable Software and Affected Versions: Pedestal Software Integrity Protection Driver IPD versions 1.3 and earlier Description: The issue allows privileged attackers, such as rootkits, to bypass file access restrictions to the Windows kernel. This is achieved by using the...