Lucene search
K

9 matches found

OSV
OSV
added 2025/05/15 8:15 p.m.4 views

CVE-2024-6718

The PVN Auth Popup WordPress plugin through 1.0.0 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

5.4CVSS5.8AI score0.00258EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/05/15 8:7 p.m.4 views

CVE-2024-6713 PVN Auth Popup <= 1.0.0 - Admin+ Stored XSS

The PVN Auth Popup WordPress plugin through 1.0.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5AI score0.00271EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/05/15 8:7 p.m.15 views

CVE-2024-6718 PVN Auth Popup <= 1.0.0 - Contributor+ XSS via Shortcode

The PVN Auth Popup WordPress plugin through 1.0.0 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

0.00258EPSS
Exploits1References1
CVE
CVE
added 2025/05/15 8:7 p.m.25 views

CVE-2024-6718

The CVE-2024-6718 entry concerns the PVN Auth Popup WordPress plugin (versions

5.4CVSS5.9AI score0.00258EPSS
Exploits1References1Affected Software1
Positive Technologies
Positive Technologies
added 2025/05/15 12:0 a.m.4 views

PT-2025-21493 · WordPress · Pvn Auth Popup

Name of the Vulnerable Software and Affected Versions: PVN Auth Popup WordPress plugin versions 1.0.0 and earlier Description: The issue concerns the PVN Auth Popup WordPress plugin, which does not properly sanitise and escape some of its settings. This could allow high-privilege users, such as...

4.8CVSS4.7AI score0.00271EPSS
Exploits1References4
CNNVD
CNNVD
added 2025/05/15 12:0 a.m.3 views

WordPress plugin PVN Auth Popup 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

5.4CVSS5.3AI score0.00258EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/05/15 12:0 a.m.2 views

WordPress plugin PVN Auth Popup 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

4.8CVSS4.9AI score0.00271EPSS
Exploits1References1
0day.today
0day.today
added 2024/08/14 12:0 a.m.170 views

WordPress PVN Auth Popup 1.0.0 Cross Site Scripting Vulnerability

Exploit Title: PVN Auth Popup alert1 for the "Login text" input 3. Save and see the XSS Note: Other fields are likely vulnerable...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/08/13 12:0 a.m.230 views

WordPress PVN Auth Popup 1.0.0 Cross Site Scripting

Exploit Title: PVN Auth Popup alert1 for the "Login text" input 3. Save and see the XSS Note: Other fields are likely vulnerable Reference: https://wpscan.com/vulnerability/24685b19-0a44-411a-9e1b-d4d0627d7cb6/...

7.4AI score
Exploits0
Rows per page
Query Builder