Lucene search
+L

7 matches found

Patchstack
Patchstack
added 2024/11/21 11:19 p.m.8 views

WordPress Community by PeepSo plugin <= 6.4.6.2 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by rajanhoyr in WordPress Plugin Community by PeepSo versions = 6.4.6.2...

6.1CVSS6.3AI score0.0055EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2024/10/16 6:15 a.m.25 views

CVE-2024-9873

The Community by PeepSo – Social Network, Membership, Registration, User Profiles, Premium – Mobile App plugin for WordPress is vulnerable to Stored Cross-Site Scripting via URLs in posts, comments, and profiles when Markdown support is enabled in all versions up to, and including, 6.4.6.1 due to...

5.4CVSS0.00256EPSS
Exploits0References2
Patchstack
Patchstack
added 2024/10/15 12:0 a.m.17 views

WordPress Community by PeepSo Plugin <= 6.4.6.1 is vulnerable to Cross Site Scripting (XSS)

Software Community by PeepSo Type Plugin Vulnerable versions = 6.4.6.1 Fixed in 6.4.6.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-9873 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 149b9a71dcfc Credits Bikram...

5.4CVSS5.5AI score0.00256EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2024/09/10 7:30 a.m.50 views

CVE-2024-7655

CVE-2024-7655 affects the WordPress plugin Community by PeepSo – Social Network, Membership, Registration, User Profiles, up to and including version 6.4.5.0. The issue is Stored Cross-Site Scripting caused by insufficient input sanitization and output escaping, exploitable by authenticated attac...

4.8CVSS4.7AI score0.00317EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2024/01/16 3:57 p.m.29 views

CVE-2023-7125 Community by PeepSo < 6.3.1.2 - User Post Creation via CSRF

The Community by PeepSo WordPress plugin before 6.3.1.2 does not have CSRF check when creating a user post visible on their wall in their profile page, which could allow attackers to make logged in users perform such action via a CSRF attack...

4.9AI score0.00237EPSS
Exploits2References1
Cvelist
Cvelist
added 2024/01/16 3:57 p.m.23 views

CVE-2024-0187 Community by PeepSo < 6.3.1.2 - Reflected XSS

The Community by PeepSo WordPress plugin before 6.3.1.2 does not sanitise and escape various parameters and generated URLs before outputting them back attributes, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

6.2AI score0.00515EPSS
Exploits2References1
CNNVD
CNNVD
added 2023/04/04 12:0 a.m.6 views

WordPress plugin Community by PeepSo 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...

8.8CVSS8.1AI score0.00248EPSS
Exploits0References2
Rows per page
Query Builder