Lucene search
K

244 matches found

OSV
OSV
added 2023/07/18 3:15 p.m.4 views

CVE-2023-36384

Unauth. Reflected Cross-Site Scripting XSS vulnerability in CodePeople Booking Calendar Contact Form plugin = 1.2.40 versions...

6.1CVSS7.3AI score0.00351EPSS
Exploits0References1
NVD
NVD
added 2023/07/18 3:15 p.m.43 views

CVE-2023-36384

Unauth. Reflected Cross-Site Scripting XSS vulnerability in CodePeople Booking Calendar Contact Form plugin = 1.2.40 versions...

7.1CVSS0.00351EPSS
Exploits0References1
Prion
Prion
added 2023/07/18 3:15 p.m.30 views

Cross site scripting

Unauth. Reflected Cross-Site Scripting XSS vulnerability in CodePeople Booking Calendar Contact Form plugin = 1.2.40 versions...

5.8CVSS6AI score0.00351EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/07/18 2:17 p.m.75 views

CVE-2023-36384

CVE-2023-36384 affects the Booking Calendar Contact Form WordPress plugin, vulnerable in versions

7.1CVSS6AI score0.00351EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/07/18 12:0 a.m.32 views

Booking Calendar Contact Form < 1.2.41 - Unauthenticated Reflected Cross-Site Scripting

Description Unauth. Reflected Cross-Site Scripting XSS vulnerability in CodePeople Booking Calendar Contact Form plugin = 1.2.40 versions...

7.1CVSS6.1AI score0.00351EPSS
Exploits0Affected Software1
OSV
OSV
added 2023/04/06 6:15 a.m.4 views

CVE-2023-23971

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in CodePeople WP Time Slots Booking Form plugin = 1.1.81 versions...

4.8CVSS5.8AI score0.00392EPSS
Exploits0References1
CVE
CVE
added 2023/04/06 5:4 a.m.42 views

CVE-2023-23971

Summary: CVE-2023-23971 affects the CodePeople WP Time Slots Booking Form WordPress plugin (versions ≤ 1.1.81). The root cause is an authenticated stored XSS due to insufficient sanitization/escaping in plugin settings, enabling an admin+ user to inject scripts that could be executed by other use...

5.9CVSS4.9AI score0.00392EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2023/04/06 12:0 a.m.5 views

PT-2023-19326 · Codepeople · Codepeople Wp Time Slots Booking Form

Name of the Vulnerable Software and Affected Versions: CodePeople WP Time Slots Booking Form plugin versions = 1.1.81 Description: The issue is related to an Authenticated Stored Cross-Site Scripting XSS vulnerability. This means that an attacker with admin or higher privileges can inject malicio...

5.9CVSS4.7AI score0.00392EPSS
Exploits0References4
NVD
NVD
added 2023/03/04 10:15 p.m.22 views

CVE-2014-125091

A vulnerability has been found in codepeople cp-polls Plugin 1.0.1 on WordPress and classified as critical. This vulnerability affects unknown code of the file cp-admin-int-message-list.inc.php. The manipulation of the argument lu leads to sql injection. The attack can be initiated remotely...

9.8CVSS6.5AI score0.00788EPSS
Exploits0References4
Prion
Prion
added 2023/03/04 10:15 p.m.22 views

Sql injection

A vulnerability has been found in codepeople cp-polls Plugin 1.0.1 on WordPress and classified as critical. This vulnerability affects unknown code of the file cp-admin-int-message-list.inc.php. The manipulation of the argument lu leads to sql injection. The attack can be initiated remotely...

7.5CVSS8.1AI score0.00788EPSS
Exploits0References4Affected Software1
Vulnrichment
Vulnrichment
added 2023/03/04 10:0 p.m.5 views

CVE-2014-125091 codepeople cp-polls Plugin cp-admin-int-message-list.inc.php sql injection

A vulnerability has been found in codepeople cp-polls Plugin 1.0.1 on WordPress and classified as critical. This vulnerability affects unknown code of the file cp-admin-int-message-list.inc.php. The manipulation of the argument lu leads to sql injection. The attack can be initiated remotely...

5.8CVSS8AI score0.00788EPSS
Exploits0References4
Cvelist
Cvelist
added 2023/03/04 10:0 p.m.29 views

CVE-2014-125091 codepeople cp-polls Plugin cp-admin-int-message-list.inc.php sql injection

A vulnerability has been found in codepeople cp-polls Plugin 1.0.1 on WordPress and classified as critical. This vulnerability affects unknown code of the file cp-admin-int-message-list.inc.php. The manipulation of the argument lu leads to sql injection. The attack can be initiated remotely...

5.8CVSS10AI score0.00788EPSS
Exploits0References4
CVE
CVE
added 2023/03/04 10:0 p.m.58 views

CVE-2014-125091

The CVE-2014-125091 entry concerns the codepeople cp-polls Plugin for WordPress (version 1.0.1). The vulnerability exists in the file cp-admin-int-message-list.inc.php and is triggered by manipulating the lu parameter to induce SQL injection. It is exploitable remotely, with upgrading to version ...

9.8CVSS7.6AI score0.00788EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2023/03/04 12:0 a.m.5 views

PT-2023-10159 · Codepeople · Codepeople Cp-Polls Plugin

Name of the Vulnerable Software and Affected Versions: codepeople cp-polls Plugin version 1.0.1 Description: A critical issue has been found in the codepeople cp-polls Plugin, affecting unknown code of the file cp-admin-int-message-list.inc.php. The manipulation of the lu argument leads to sql...

9.8CVSS7.9AI score0.00788EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2022/06/06 12:0 a.m.6 views

PT-2022-14050

Name of the Vulnerable Software and Affected Versions CP Image Store with Slideshow WordPress plugin versions prior to 1.0.68 Description The issue allows unauthenticated users to perform an SQL injection attack due to the lack of sanitization and escaping of the ordering by query parameter in SQ...

9.8CVSS7.3AI score0.1036EPSS
Exploits2References6
CNVD
CNVD
added 2020/07/03 12:0 a.m.3 views

WordPress CodePeople Payment Form for PayPal Pro SQL Injection Vulnerability

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress CodePeople Payment Form for PayPal Pro suffers from a SQL injection vulnerability that can be...

9.8CVSS8.1AI score0.9453EPSS
Exploits1References1
OSV
OSV
added 2020/07/02 4:15 p.m.4 views

CVE-2020-14092

The CodePeople Payment Form for PayPal Pro plugin before 1.1.65 for WordPress allows SQL Injection...

9.8CVSS5.8AI score0.9453EPSS
Exploits1References3
NVD
NVD
added 2020/07/02 4:15 p.m.19 views

CVE-2020-14092

The CodePeople Payment Form for PayPal Pro plugin before 1.1.65 for WordPress allows SQL Injection...

9.8CVSS0.9453EPSS
Exploits1References3
Prion
Prion
added 2020/07/02 4:15 p.m.18 views

Sql injection

The CodePeople Payment Form for PayPal Pro plugin before 1.1.65 for WordPress allows SQL Injection...

7.5CVSS9.7AI score0.9453EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2020/07/02 3:20 p.m.77 views

CVE-2020-14092

Summary: CVE-2020-14092 affects the WordPress plugin “CodePeople Payment Form for PayPal Pro” up to version 1.1.65. The vulnerability is an SQL injection via the vulnerable plugin’s query parameter, allowing unauthenticated attackers to execute arbitrary SQL and have results output in JSON. The C...

9.8CVSS9.7AI score0.9453EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder