Lucene search
K

16 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2025-26942

Malicious code in bioql PyPI...

5.3CVSS6.5AI score0.00268EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/09/07 2:32 p.m.3 views

CVE-2025-58835

Improper Validation of Specified Quantity in Input vulnerability in calliko Bonus for Woo bonus-for-woo allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Bonus for Woo: from n/a through = 7.6.6...

5.3CVSS5.9AI score0.00268EPSS
Exploits0References1
NVD
NVD
added 2025/09/05 2:15 p.m.6 views

CVE-2025-58835

Improper Validation of Specified Quantity in Input vulnerability in calliko Bonus for Woo bonus-for-woo allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Bonus for Woo: from n/a through = 7.6.6...

5.3CVSS0.00268EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/09/05 1:45 p.m.13 views

CVE-2025-58835 WordPress Bonus for Woo plugin <= 7.6.6 - Other vulnerability Type vulnerability

Improper Validation of Specified Quantity in Input vulnerability in calliko Bonus for Woo bonus-for-woo allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Bonus for Woo: from n/a through = 7.6.6...

5.3CVSS0.00268EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/09/05 1:45 p.m.2 views

CVE-2025-58835 WordPress Bonus for Woo plugin <= 7.6.6 - Other vulnerability Type vulnerability

Improper Validation of Specified Quantity in Input vulnerability in calliko Bonus for Woo bonus-for-woo allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Bonus for Woo: from n/a through = 7.6.6...

5.3CVSS5.9AI score0.00268EPSS
Exploits0References1
CVE
CVE
added 2025/09/05 1:45 p.m.11 views

CVE-2025-58835

CVE-2025-58835 concerns Bonus for Woo (WordPress) with improper validation of a specified quantity in input, enabling access to functionality not properly constrained by ACLs. Affected versions are n/a through 7.4.1. Public sources indicate remediation via upgrading to a newer version (per PT-202...

5.3CVSS5.9AI score0.00268EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/09/05 1:32 p.m.3 views

WordPress Bonus for Woo plugin <= 7.6.6 - Other Vulnerability Type vulnerability

Other Vulnerability Type vulnerability discovered by Martino Spagnuolo r3verii in WordPress Plugin Bonus for Woo versions = 7.6.6...

5.3CVSS5.4AI score0.00268EPSS
Exploits0Affected Software1
CNNVD
CNNVD
added 2025/09/05 12:0 a.m.4 views

WordPress plugin Bonus for Woo 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

5.3CVSS6.5AI score0.00268EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/09/05 12:0 a.m.4 views

PT-2025-36174

Name of the Vulnerable Software and Affected Versions: Bonus for Woo versions n/a through 7.4.1 Description: An improper validation of the specified quantity in input exists in Bonus for Woo, potentially allowing access to functionality not properly constrained by Access Control Lists ACLs...

5.3CVSS6.4AI score0.00268EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/23 4:30 a.m.19 views

CVE-2023-5140

The Bonus for Woo WordPress plugin before 5.8.3 does not sanitise and escape some parameters before outputting them back in pages, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

6.1CVSS6.1AI score0.00444EPSS
Exploits2References1
NVD
NVD
added 2023/11/20 7:15 p.m.37 views

CVE-2023-5140

The Bonus for Woo WordPress plugin before 5.8.3 does not sanitise and escape some parameters before outputting them back in pages, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

6.1CVSS0.00444EPSS
Exploits2References1
OSV
OSV
added 2023/11/20 7:15 p.m.8 views

CVE-2023-5140

The Bonus for Woo WordPress plugin before 5.8.3 does not sanitise and escape some parameters before outputting them back in pages, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

6.1CVSS7.3AI score0.00444EPSS
Exploits2References1
Prion
Prion
added 2023/11/20 7:15 p.m.16 views

Cross site scripting

The Bonus for Woo WordPress plugin before 5.8.3 does not sanitise and escape some parameters before outputting them back in pages, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

5.8CVSS6.3AI score0.00444EPSS
Exploits2References1Affected Software1
CVE
CVE
added 2023/11/20 6:55 p.m.54 views

CVE-2023-5140

The CVE-2023-5140 entry corresponds to the Bonus for Woo WordPress plugin (pre-5.8.3) and is a Reflected Cross-Site Scripting (XSS) vulnerability caused by insufficient sanitisation/escaping of parameters output in pages. Exploitation could target high-privilege users (e.g., admins). Public detai...

6.1CVSS6.1AI score0.00444EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
added 2023/10/27 12:0 a.m.17 views

WordPress Bonus for Woo Plugin <= 5.8.2 is vulnerable to Cross Site Scripting (XSS)

Software Bonus for Woo Type Plugin Vulnerable versions = 5.8.2 Fixed in 5.8.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-5140 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID bebc071bb4a6 Credits Enrico Marcolini...

6.1CVSS5.7AI score0.00444EPSS
Exploits2References3Affected Software1
wpexploit
wpexploit
added 2023/10/27 12:0 a.m.117 views

Bonus for Woo < 5.8.3 - Reflected Cross-Site Scripting

Description The plugin does not sanitise and escape some parameters before outputting them back in pages, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin. Make a logged in admin open one of the URL below...

6.1CVSS5.8AI score0.00444EPSS
Exploits2
Rows per page
Query Builder