Lucene search
K

14 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-19854

Malicious code in bioql PyPI...

7.1CVSS7AI score0.00331EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/04 11:43 p.m.6 views

CVE-2024-22293

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Andrea Tarantini BP Profile Search allows Reflected XSS.This issue affects BP Profile Search: from n/a through 5.5...

7.1CVSS7AI score0.00331EPSS
Exploits0References1
NVD
NVD
added 2024/08/20 2:15 a.m.11 views

CVE-2024-7850

The BP Profile Search plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.7.5. This is due to missing or incorrect nonce validation on the bpsajaxfieldselector, bpsajaxtemplateoptions, and bpsajaxfieldrow functions. This makes it possible for...

6.1CVSS0.00215EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/08/20 12:0 a.m.4 views

WordPress plugin BP Profile Search 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation, a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in the...

6.1CVSS6.5AI score0.00215EPSS
Exploits0References5
Patchstack
Patchstack
added 2024/08/20 12:0 a.m.9 views

WordPress BP Profile Search Plugin <= 5.7.5 is vulnerable to Cross Site Request Forgery (CSRF)

Software BP Profile Search Type Plugin Vulnerable versions = 5.7.5 Fixed in 5.8 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-7850 Patch priority Low CVSS severity Low 7.1 Developer Claim ownership PSID c231ea7c4aad Credits vgo0 Required...

6.1CVSS6.7AI score0.00215EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2024/01/31 6:15 p.m.4 views

CVE-2024-22293

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Andrea Tarantini BP Profile Search allows Reflected XSS.This issue affects BP Profile Search: from n/a through 5.5...

6.1CVSS7.3AI score0.00331EPSS
Exploits0References1
Prion
Prion
added 2024/01/31 6:15 p.m.16 views

Cross site scripting

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Andrea Tarantini BP Profile Search allows Reflected XSS.This issue affects BP Profile Search: from n/a through 5.5...

5.8CVSS7.1AI score0.00331EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2024/01/31 5:33 p.m.45 views

CVE-2024-22293

The CVE-2024-22293 entry concerns the WordPress BP Profile Search plugin (versions n/a through 5.5). Affected component: BP Profile Search input handling leads to Reflected XSS (Cross-site Scripting). Root cause: improper neutralization of input during web page generation. Impact per sources: att...

7.1CVSS7AI score0.00331EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/01/31 5:33 p.m.17 views

CVE-2024-22293 WordPress BP Profile Search Plugin <= 5.5 is vulnerable to Cross Site Scripting (XSS)

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Andrea Tarantini BP Profile Search allows Reflected XSS.This issue affects BP Profile Search: from n/a through 5.5...

7.1CVSS7.2AI score0.00331EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/01/31 12:0 a.m.5 views

PT-2024-19314 · Andrea Tarantini · Bp Profile Search

Name of the Vulnerable Software and Affected Versions: Andrea Tarantini BP Profile Search versions n/a through 5.5 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Reflected XSS. This means that an...

7.1CVSS6.7AI score0.00331EPSS
Exploits0References6
CNNVD
CNNVD
added 2024/01/31 12:0 a.m.3 views

WordPress plugin BP Profile Search 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...

7.1CVSS6.9AI score0.00331EPSS
Exploits0References2
Patchstack
Patchstack
added 2024/01/17 12:0 a.m.10 views

WordPress BP Profile Search Plugin <= 5.5 is vulnerable to Cross Site Scripting (XSS)

Software BP Profile Search Type Plugin Vulnerable versions = 5.5 Fixed in 5.6 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-22293 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 5fc1725a4a59 Credits Le Ngoc Anh Required privilege...

7.1CVSS6.5AI score0.00331EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2016/12/09 12:0 a.m.9 views

WordPress BP Profile Search Plugin <= 4.5.3 - PHP Object Injection

This plugin is prone to a PHP object injection vulnerability. Solution Update the plugin...

2AI score
Exploits0References1Affected Software1
wpexploit
wpexploit
added 2016/12/09 12:0 a.m.15 views

BP Profile Search <= 4.5.3 - PHP Object Injection

The plugin bp-profile-search insecurely trusts serialized data submitted over HTTP requests. This opens up the site to a PHP object injection vulnerability potential exploit vector. This vulnerability was patched in version 4.6, information is being released now as a disclosure period has expired...

0.5AI score
Exploits0References1
Rows per page
Query Builder