Lucene search
K

5 matches found

Vulnrichment
Vulnrichment
added 2026/06/09 3:41 a.m.7 views

CVE-2026-8977 WP GDPR Cookie Consent <= 1.0.0 - Authenticated (Subscriber+) Stored Cross-Site Scripting via 'ninja_gdpr_ajax_actions' AJAX Action

The WP GDPR Cookie Consent plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'ninjagdprajaxactions' AJAX action in versions up to, and including, 1.0.0. This is due to missing capability and nonce checks on the handleAjaxCalls function, combined with insufficient input...

6.4CVSS5.7AI score0.00188EPSS
Exploits0References5
OSV
OSV
added 2022/05/24 3:15 p.m.1 views

DEBIAN-CVE-2022-29221

Smarty is a template engine for PHP, facilitating the separation of presentation HTML/CSS from application logic. Prior to versions 3.1.45 and 4.1.1, template authors could inject php code by choosing a malicious block name or include file name. Sites that cannot fully trust template authors shou...

8.8CVSS6.5AI score0.0454EPSS
Exploits1References1
CNNVD
CNNVD
added 2020/11/24 12:0 a.m.8 views

Highlightjs Security Vulnerability

Highlightjs is a syntax highlighting tool written in JavaScript by the Highlightjs team. It is available on both browsers and servers, does not depend on any framework, and has automatic language detection. A security vulnerability exists in Highlightjs version 9.18.2 and versions prior to 10.1.2...

8.7CVSS6.9AI score0.01296EPSS
Exploits0References11
CNVD
CNVD
added 2015/04/23 12:0 a.m.3 views

Drupal Taxonews Module Cross-Site Scripting Vulnerability

Drupal is a free, open-source content management system developed in PHP and maintained by the Drupal community.Taxonews is one of the modules that generates blocks containing titles for nodes in the taxonomy vocabulary by matching conditions. A cross-site scripting vulnerability exists in the...

3.5CVSS6AI score0.00965EPSS
Exploits0References1
CVE
CVE
added 2009/02/10 2:0 a.m.80 views

CVE-2009-0502

CVE-2009-0502 is a cross-site scripting (XSS) vulnerability in Snoopy 1.2.3 used by Moodle, exploitable when viewing an HTML block via the Moodle "Login as" flow to MyMoodle or Blog pages. Affects Moodle releases prior to 1.6.9, 1.7 prior to 1.7.7, 1.8 prior to 1.8.8, and 1.9 prior to 1.9.4. The ...

4.3CVSS6.5AI score0.0125EPSS
Exploits0References6Affected Software2
Rows per page
Query Builder