Lucene search
K

166 matches found

Tenable Nessus
Tenable Nessus
added 2020/05/11 12:0 a.m.22 views

Fedora 30 : wordpress (2020-fa71ca92f8)

WordPress 5.4.1 Security Updates Seven security issues affect WordPress versions 5.4 and earlier. If you havent yet updated to 5.4, all WordPress versions since 3.7 have also been updated to fix the following security issues : - Props to Muaz Bin Abdus Sattar and Jannes who both independently...

5.4AI score
Exploits0References1
OSV
OSV
added 2020/04/30 11:15 p.m.1 views

DEBIAN-CVE-2020-11030

In affected versions of WordPress, a special payload can be crafted that can lead to scripts getting executed within the search block of the block editor. This requires an authenticated user with the ability to add content. This has been patched in version 5.4.1, along with all the previously...

5.4CVSS6.7AI score0.01437EPSS
Exploits0References1
OSV
OSV
added 2020/04/30 11:15 p.m.22 views

CVE-2020-11030

In affected versions of WordPress, a special payload can be crafted that can lead to scripts getting executed within the search block of the block editor. This requires an authenticated user with the ability to add content. This has been patched in version 5.4.1, along with all the previously...

5.4CVSS6.3AI score0.01437EPSS
Exploits0References3
OSV
OSV
added 2020/04/30 11:15 p.m.2 views

UBUNTU-CVE-2020-11030

In affected versions of WordPress, a special payload can be crafted that can lead to scripts getting executed within the search block of the block editor. This requires an authenticated user with the ability to add content. This has been patched in version 5.4.1, along with all the previously...

6.4CVSS6.7AI score0.01437EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2020/04/30 11:15 p.m.22 views

CVE-2020-11030

In affected versions of WordPress, a special payload can be crafted that can lead to scripts getting executed within the search block of the block editor. This requires an authenticated user with the ability to add content. This has been patched in version 5.4.1, along with all the previously...

6.4CVSS6.7AI score0.01437EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2020/04/30 10:15 p.m.28 views

CVE-2020-11030

In affected versions of WordPress, a special payload can be crafted that can lead to scripts getting executed within the search block of the block editor. This requires an authenticated user with the ability to add content. This has been patched in version 5.4.1, along with all the previously...

6.4CVSS4AI score0.01437EPSS
Exploits0
CVE
CVE
added 2020/04/30 10:15 p.m.228 views

CVE-2020-11030

CVE-2020-11030 affects WordPress blocks/search handling. A crafted payload can cause scripts to run within the block editor search block when an authenticated user with content-adding rights is present. The vulnerability is mitigated by upgrading to WordPress 5.4.1 or applying the listed minor re...

6.4CVSS5.8AI score0.01437EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2020/02/06 10:15 a.m.3 views

CVE-2020-5528

Cross-site scripting vulnerability in Movable Type series Movable Type 7 r.4603 and earlier Movable Type 7, Movable Type 6.5.2 and earlier Movable Type 6.5, Movable Type Advanced 7 r.4603 and earlier Movable Type Advanced 7, Movable Type Advanced 6.5.2 and earlier Movable Type Advanced 6.5, Movab...

6.1CVSS5.9AI score0.00839EPSS
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2020/02/06 3:29 a.m.3 views

Movable Type vulnerable to cross-site scripting

Overview Movable Type provided by Six Apart Ltd. contains a cross-site scripting vulnerability CWE-79 in block editor and rich text editor. Six Apart Ltd. reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC and Six Apart Ltd. coordinated under the...

6.1CVSS6AI score0.00839EPSS
Exploits0References5
Veracode
Veracode
added 2019/12/27 4:34 a.m.25 views

Cross-site Scripting (XSS)

wordpress is vulnerable to cross-site scripting XSS. The vulnerability exists as authenticated users can inject JavaScript code in the block editor that will be executed when it is rendered...

5.8CVSS2.9AI score0.01718EPSS
Exploits0References8Affected Software2
Veracode
Veracode
added 2019/12/27 2:30 a.m.24 views

Cross-site Scripting (XSS)

wordpress is vulnerable to cross-site scripting XSS. The vulnerability exists as authenticated users can inject JavaScript code in the block editor that will be executed when it is rendered...

5.8CVSS2.9AI score0.01396EPSS
Exploits0References8Affected Software2
Tenable Nessus
Tenable Nessus
added 2019/12/27 12:0 a.m.36 views

FreeBSD : wordpress -- multiple issues (7b97b32e-27c4-11ea-9673-4c72b94353b5)

wordpress developers reports : Four security issues affect WordPress versions 5.3 and earlier; version 5.3.1 fixes them, so youll want to upgrade. If you havent yet updated to 5.3, there are also updated versions of 5.2 and earlier that fix the security issues. -Props to Daniel Bachhuber for...

5AI score
Exploits0References2
OSV
OSV
added 2019/12/26 5:15 p.m.1 views

DEBIAN-CVE-2019-16780

WordPress users with lower privileges like contributors can inject JavaScript code in the block editor using a specific payload, which is executed within the dashboard. This can lead to XSS if an admin opens the post in the editor. Execution of this attack does require an authenticated user. This...

5.4CVSS6.6AI score0.01718EPSS
Exploits0References1
OSV
OSV
added 2019/12/26 5:15 p.m.35 views

CVE-2019-16781

In WordPress before 5.3.1, authenticated users with lower privileges like contributors can inject JavaScript code in the block editor, which is executed within the dashboard. It can lead to an admin opening the affected post in the editor leading to XSS...

5.4CVSS6.5AI score
Exploits0References7
OSV
OSV
added 2019/12/26 5:15 p.m.2 views

DEBIAN-CVE-2019-16781

In WordPress before 5.3.1, authenticated users with lower privileges like contributors can inject JavaScript code in the block editor, which is executed within the dashboard. It can lead to an admin opening the affected post in the editor leading to XSS...

5.4CVSS6.8AI score0.01396EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2019/12/26 5:15 p.m.29 views

CVE-2019-16780

WordPress users with lower privileges like contributors can inject JavaScript code in the block editor using a specific payload, which is executed within the dashboard. This can lead to XSS if an admin opens the post in the editor. Execution of this attack does require an authenticated user. This...

5.8CVSS6.8AI score0.01718EPSS
Exploits0References6
Prion
Prion
added 2019/12/26 5:15 p.m.13 views

Cross site scripting

In WordPress before 5.3.1, authenticated users with lower privileges like contributors can inject JavaScript code in the block editor, which is executed within the dashboard. It can lead to an admin opening the affected post in the editor leading to XSS...

3.5CVSS5.5AI score0.01396EPSS
Exploits0References7Affected Software2
UbuntuCve
UbuntuCve
added 2019/12/26 5:15 p.m.40 views

CVE-2019-16781

In WordPress before 5.3.1, authenticated users with lower privileges like contributors can inject JavaScript code in the block editor, which is executed within the dashboard. It can lead to an admin opening the affected post in the editor leading to XSS...

5.8CVSS6.9AI score0.01396EPSS
Exploits0References5
OSV
OSV
added 2019/12/26 5:15 p.m.2 views

UBUNTU-CVE-2019-16781

In WordPress before 5.3.1, authenticated users with lower privileges like contributors can inject JavaScript code in the block editor, which is executed within the dashboard. It can lead to an admin opening the affected post in the editor leading to XSS...

5.8CVSS6.8AI score0.01396EPSS
Exploits0References6
OSV
OSV
added 2019/12/26 5:15 p.m.2 views

UBUNTU-CVE-2019-16780

WordPress users with lower privileges like contributors can inject JavaScript code in the block editor using a specific payload, which is executed within the dashboard. This can lead to XSS if an admin opens the post in the editor. Execution of this attack does require an authenticated user. This...

5.8CVSS6.8AI score0.01718EPSS
Exploits0References7
Rows per page
Query Builder