Lucene search
K

9 matches found

VulnCheck KEV
VulnCheck KEV
added 2026/02/25 12:0 a.m.60 views

VulnCheck KEV: CVE-2024-3495

The Country State City Dropdown CF7 plugin for WordPress is vulnerable to SQL Injection via the ‘cnt’ and 'sid' parameters in versions up to, and including, 2.7.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes i...

9.8CVSS5.9AI score0.13618EPSS
In wildExploits1References2
CVE
CVE
added 2024/05/22 8:31 a.m.124 views

CVE-2024-3495

CVE-2024-3495 : WordPress plugin Country State City Dropdown CF7 (

9.8CVSS9.6AI score0.13618EPSS
In wildExploits1References4
Patchstack
Patchstack
added 2024/05/22 1:23 a.m.8 views

WordPress Country State City Dropdown CF7 plugin <= 2.7.2 - Unauthenticated SQL Injection vulnerability

Unauthenticated SQL Injection vulnerability discovered by Krzysztof Zając in WordPress Plugin Country State City Dropdown CF7 versions = 2.7.2...

9.8CVSS8.1AI score0.13618EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2024/05/22 12:0 a.m.21 views

WordPress Country State City Dropdown CF7 Plugin <= 2.7.2 is vulnerable to SQL Injection

Software Country State City Dropdown CF7 Type Plugin Vulnerable versions = 2.7.2 Fixed in 2.7.3 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2024-3495 Patch priority High CVSS severity High 9.3 Developer Claim ownership PSID 39d467a76c0d Credits Krzysztof Zając Required privile...

9.8CVSS6.8AI score0.13618EPSS
Exploits1References3Affected Software1
Positive Technologies
Positive Technologies
added 2024/05/22 12:0 a.m.11 views

PT-2024-26266

Name of the Vulnerable Software and Affected Versions Country State City Dropdown CF7 plugin for WordPress versions up to and including 2.7.2 Description The Country State City Dropdown CF7 plugin for WordPress is susceptible to SQL Injection through the cnt and sid parameters. Insufficient input...

9.8CVSS5.7AI score0.13618EPSS
Exploits1References13
Positive Technologies
Positive Technologies
added 2024/05/02 12:0 a.m.6 views

PT-2024-26377 · WordPress · Country State City Dropdown Cf7

Name of the Vulnerable Software and Affected Versions: The Country State City Dropdown CF7 plugin for WordPress versions up to, and including, 2.7.1 Description: The issue allows authenticated attackers with subscriber access and above to modify data without proper authorization. This is due to a...

4.3CVSS6.7AI score0.00445EPSS
Exploits0References4
Patchstack
Patchstack
added 2024/04/16 1:7 a.m.4 views

WordPress Country State City Dropdown CF7 plugin <= 2.7.1 - Missing Authorization vulnerability

Missing Authorization vulnerability discovered by Lucio Sá in WordPress Plugin Country State City Dropdown CF7 versions = 2.7.1...

4.3CVSS7AI score0.00445EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/04/16 12:0 a.m.7 views

WordPress Country State City Dropdown CF7 Plugin <= 2.7.1 is vulnerable to Broken Access Control

Software Country State City Dropdown CF7 Type Plugin Vulnerable versions = 2.7.1 Fixed in 2.7.2 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-3520 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID bfcec957c70d Credits Lucio Sá...

4.3CVSS6.6AI score0.00445EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2023/07/24 12:0 a.m.3 views

Carlisting 跨站脚本漏洞

Carlisting is a responsive car listing directory content management system CMS by the phpscriptpoint team. A cross-site scripting vulnerability exists in Carlisting version 1.6, which stems from unknown code in the file search.php, which leads to cross-site scripting via the parameters...

6.1CVSS4.6AI score0.00312EPSS
Exploits0References3
Rows per page
Query Builder