CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

11 matches found

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2022-49933

Malicious code in bioql PyPI...

5.9CVSS5.2AI score0.00207EPSS

Exploits0References1

Patchstack•added 2024/07/03 12:0 a.m.•5 views

WordPress alfred24 Click & Collect Plugin <= 1.1.7 is vulnerable to Backdoor

Software alfred24 Click & Collect Type Plugin Vulnerable versions = 1.1.7 Fixed in N/A OWASP Top 10 A3: Injection Classification Backdoor CVE N/A Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID cf5f2b39e0cf Credits Sansec.io Required privilege Unauthenticated Published 3...

7.2AI score

Exploits0References2Affected Software1

OSV•added 2023/04/24 3:15 p.m.•1 views

CVE-2022-47158

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Pakpobox alfred24 Click & Collect plugin = 1.1.7 versions...

4.8CVSS5.8AI score

Exploits0References1

NVD•added 2023/04/24 3:15 p.m.•8 views

CVE-2022-47158

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Pakpobox alfred24 Click & Collect plugin = 1.1.7 versions...

5.9CVSS5.4AI score0.00207EPSS

Exploits0References1

Prion•added 2023/04/24 3:15 p.m.•14 views

Cross site scripting

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Pakpobox alfred24 Click & Collect plugin = 1.1.7 versions...

4.3CVSS4.8AI score0.00207EPSS

Exploits0References1Affected Software1

CVE•added 2023/04/24 2:16 p.m.•38 views

CVE-2022-47158

The CVE-2022-47158 entry concerns a stored XSS vulnerability in the Pakpobox alfred24 Click & Collect WordPress plugin (versions

5.9CVSS4.9AI score0.00207EPSS

Exploits0References1Affected Software1

Vulnrichment•added 2023/04/24 2:16 p.m.•6 views

CVE-2022-47158 WordPress alfred24 Click & Collect Plugin <= 1.1.7 is vulnerable to Cross Site Scripting (XSS)

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Pakpobox alfred24 Click & Collect plugin = 1.1.7 versions...

5.9CVSS5.6AI score0.00207EPSS

Exploits0References1

Cvelist•added 2023/04/24 2:16 p.m.•15 views

CVE-2022-47158 WordPress alfred24 Click & Collect Plugin <= 1.1.7 is vulnerable to Cross Site Scripting (XSS)

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Pakpobox alfred24 Click & Collect plugin = 1.1.7 versions...

5.9CVSS5.5AI score0.00207EPSS

Exploits0References1

Positive Technologies•added 2023/04/24 12:0 a.m.•2 views

PT-2023-15201 · Pakpobox · Pakpobox Alfred24 Click & Collect Plugin

Name of the Vulnerable Software and Affected Versions: Pakpobox alfred24 Click & Collect plugin versions = 1.1.7 Description: The issue is related to an Authenticated Stored Cross-Site Scripting XSS vulnerability. This means that an attacker with admin+ privileges can inject malicious scripts int...

5.9CVSS4.8AI score0.00207EPSS

Exploits0References4

WPVulnDB•added 2023/01/13 12:0 a.m.•17 views

alfred24 Click & Collect <= 1.1.7 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS5.8AI score0.00207EPSS

Exploits0Affected Software1

Patchstack•added 2023/01/13 12:0 a.m.•9 views

WordPress alfred24 Click & Collect Plugin <= 1.1.7 is vulnerable to Cross Site Scripting (XSS)

Software alfred24 Click & Collect Type Plugin Vulnerable versions = 1.1.7 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2022-47158 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID bd2c86c67b0a Credits Team WeBoB...

5.9CVSS5.8AI score0.00207EPSS

Exploits0References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by