Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

RedhatCVE
RedhatCVEadded 2025/10/19 3:44 a.m.1 views

CVE-2020-36854

The Async JavaScript plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 2.19.07.14. This is due to missing authorization checks on the ajsteps AJAX aciton along with a lack on sanitization on the settings saved via the function. This makes it...

6.4CVSS4.8AI score0.0003EPSS
Exploits0References1
NVD
NVDadded 2025/10/18 4:16 a.m.1 views

CVE-2020-36854

The Async JavaScript plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 2.19.07.14. This is due to missing authorization checks on the ajsteps AJAX aciton along with a lack on sanitization on the settings saved via the function. This makes it...

6.4CVSS0.0003EPSS
Exploits0References2
CNNVD
CNNVDadded 2025/10/18 12:0 a.m.1 views

WordPress plugin Async JavaScript 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin.... A cross-site...

6.4CVSS5.9AI score0.0003EPSS
Exploits0References3
NVD
NVDadded 2023/03/14 8:15 a.m.11 views

CVE-2022-47154

Cross-Site Request Forgery CSRF vulnerability in Pi Websolution CSS JS Manager, Async JavaScript, Defer Render Blocking CSS supports WooCommerce plugin = 2.4.49 versions...

8.8CVSS5.8AI score0.00106EPSS
Exploits0References1
Cvelist
Cvelistadded 2023/03/14 7:11 a.m.15 views

CVE-2022-47154 WordPress CSS JS Manager Plugin <= 2.4.49 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in Pi Websolution CSS JS Manager, Async JavaScript, Defer Render Blocking CSS supports WooCommerce plugin = 2.4.49 versions...

4.3CVSS9AI score0.00106EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2023/03/14 12:0 a.m.2 views

PT-2023-15198 · Unknown · Pi Websolution Css Js Manager +1

Name of the Vulnerable Software and Affected Versions: Pi Websolution CSS JS Manager, Async JavaScript, Defer Render Blocking CSS supports WooCommerce plugin versions = 2.4.49 Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability. This type of vulnerability allows a...

8.8CVSS8.8AI score0.00106EPSS
Exploits0References3
Patchstack
Patchstackadded 2021/06/29 12:0 a.m.8 views

WordPress Async JavaScript plugin <= 2.20.12.09 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by m0ze in WordPress Async JavaScript plugin versions = 2.20.12.09. Solution Update the WordPress Async JavaScript plugin to the latest available version at least 2.21.06.29...

2.3AI score
Exploits0References2Affected Software1
VulnCheck KEV
VulnCheck KEVadded 2020/02/27 12:0 a.m.0 views

VulnCheck KEV: CVE-2020-36854

The Async JavaScript plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 2.19.07.14. This is due to missing authorization checks on the ajsteps AJAX aciton along with a lack on sanitization on the settings saved via the function. This makes it...

6.4CVSS5.8AI score0.0003EPSS
Exploits0References1
Rows per page
Query Builder