Lucene search
K

41 matches found

Patchstack
Patchstack
added 2024/07/04 12:0 a.m.12 views

WordPress Apollo13 Framework Extensions Plugin <= 1.9.3 is vulnerable to Cross Site Scripting (XSS)

Software Apollo13 Framework Extensions Type Plugin Vulnerable versions = 1.9.3 Fixed in 1.9.4 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-37480 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID dbb97a0dbb53 Credits Michael Required privile...

6.5CVSS6.6AI score0.00313EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2024/02/08 12:15 p.m.6 views

CVE-2024-24880

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Apollo13Themes Apollo13 Framework Extensions allows Stored XSS.This issue affects Apollo13 Framework Extensions: from n/a through 1.9.2...

5.4CVSS7.3AI score0.00317EPSS
Exploits0References1
CVE
CVE
added 2024/02/08 11:58 a.m.51 views

CVE-2024-24880

CVE-2024-24880 affects the Apollo13 Framework Extensions WordPress plugin (versions

6.5CVSS7.1AI score0.00317EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/02/08 11:58 a.m.22 views

CVE-2024-24880 WordPress Apollo13 Framework Extensions Plugin <= 1.9.2 is vulnerable to Cross Site Scripting (XSS)

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Apollo13Themes Apollo13 Framework Extensions allows Stored XSS.This issue affects Apollo13 Framework Extensions: from n/a through 1.9.2...

6.5CVSS6.7AI score0.00317EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/02/08 12:0 a.m.11 views

PT-2024-20636 · Unknown · Apollo13 Framework Extensions

Name of the Vulnerable Software and Affected Versions: Apollo13 Framework Extensions versions 1.9.2 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means that an attacke...

6.5CVSS9.1AI score0.00317EPSS
Exploits0References5
CNNVD
CNNVD
added 2024/02/08 12:0 a.m.14 views

WordPress Plugin Apollo13 Framework Extensions Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, which supports personal blogs on PHP and MySQL servers.WordPress plugin is an...

6.5CVSS6AI score0.00317EPSS
Exploits0References2
Patchstack
Patchstack
added 2024/02/05 12:0 a.m.11 views

WordPress Apollo13 Framework Extensions Plugin <= 1.9.2 is vulnerable to Cross Site Scripting (XSS)

Software Apollo13 Framework Extensions Type Plugin Vulnerable versions = 1.9.2 Fixed in 1.9.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-24880 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID c7023587281d Credits LVT-tholv2k Required...

6.5CVSS6.5AI score0.00317EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2024/01/05 10:15 a.m.20 views

CVE-2023-51539

Cross-Site Request Forgery CSRF vulnerability in Apollo13Themes Apollo13 Framework Extensions.This issue affects Apollo13 Framework Extensions: from n/a through 1.9.1...

8.8CVSS5.7AI score0.00216EPSS
Exploits0References1
OSV
OSV
added 2024/01/05 10:15 a.m.5 views

CVE-2023-51539

Cross-Site Request Forgery CSRF vulnerability in Apollo13Themes Apollo13 Framework Extensions.This issue affects Apollo13 Framework Extensions: from n/a through 1.9.1...

8.8CVSS7.3AI score0.00216EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/01/05 9:44 a.m.3 views

CVE-2023-51539 WordPress Apollo13 Framework Extensions Plugin <= 1.9.1 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in Apollo13Themes Apollo13 Framework Extensions.This issue affects Apollo13 Framework Extensions: from n/a through 1.9.1...

4.3CVSS6.3AI score0.00216EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/01/05 9:44 a.m.23 views

CVE-2023-51539 WordPress Apollo13 Framework Extensions Plugin <= 1.9.1 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in Apollo13Themes Apollo13 Framework Extensions.This issue affects Apollo13 Framework Extensions: from n/a through 1.9.1...

5.4CVSS8.9AI score0.00216EPSS
Exploits0References1
CVE
CVE
added 2024/01/05 9:44 a.m.53 views

CVE-2023-51539

Technical details for CVE-2023-51539 are not provided in the supplied documents; no affected products, root cause, or remediation are disclosed here. Monitor for updates from vendors/security advisories.

8.8CVSS8.5AI score0.00216EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2024/01/05 12:0 a.m.5 views

WordPress Plugin Apollo13 Framework Extensions Cross-Site Request Forgery Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...

8.8CVSS6.5AI score0.00216EPSS
Exploits0References2
WPVulnDB
WPVulnDB
added 2024/01/04 12:0 a.m.14 views

Apollo13 Framework Extensions < 1.9.2 - Cross-Site Request Forgery

Description The Apollo13 Framework Extensions plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.9.1. This is due to missing or incorrect nonce validation on the a13fenavaaddpost and a13fenavadeletepost functions. This makes it possible for...

8.8CVSS6.3AI score0.00216EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2023/12/27 12:0 a.m.9 views

WordPress Apollo13 Framework Extensions Plugin <= 1.9.1 is vulnerable to Cross Site Request Forgery (CSRF)

Software Apollo13 Framework Extensions Type Plugin Vulnerable versions = 1.9.1 Fixed in 1.9.2 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-51539 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 726449528f18 Credits Brand...

8.8CVSS6.6AI score0.00216EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2023/11/08 7:15 p.m.5 views

CVE-2023-47190

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Apollo13Themes Apollo13 Framework Extensions plugin = 1.9.0 versions...

5.4CVSS7.3AI score0.00385EPSS
Exploits0References1
CVE
CVE
added 2023/11/08 6:21 p.m.48 views

CVE-2023-47190

CVE-2023-47190 affects the Apollo13 Framework Extensions plugin for WordPress (

6.5CVSS5.3AI score0.00385EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/11/08 6:21 p.m.23 views

CVE-2023-47190 WordPress Apollo13 Framework Extensions Plugin <= 1.9.0 is vulnerable to Cross Site Scripting (XSS)

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Apollo13Themes Apollo13 Framework Extensions plugin = 1.9.0 versions...

6.5CVSS5.4AI score0.00385EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/11/08 12:0 a.m.6 views

WordPress Plugin Apollo13 Framework Extensions Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

5.4CVSS5.9AI score0.00385EPSS
Exploits0References3
Patchstack
Patchstack
added 2023/11/03 12:0 a.m.14 views

WordPress Apollo13 Framework Extensions Plugin <= 1.9.0 is vulnerable to Cross Site Scripting (XSS)

Software Apollo13 Framework Extensions Type Plugin Vulnerable versions = 1.9.0 Fixed in 1.9.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-47190 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 5d12db201084 Credits Ngô Thiên An ancor...

5.4CVSS6.5AI score0.00385EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder