Lucene search
+L

147 matches found

CNNVD
CNNVD
added 2025/12/09 12:0 a.m.4 views

WordPress plugin Essential Widgets 安全漏洞

WordPress Essential Widgets plugin is a tool used to enhance the functionality of your website, mainly providing the ability to create and add highly customizable widgets Widgets to help users manage the layout of their website content more flexibly. A cross-site scripting vulnerability exists in...

6.5CVSS5.9AI score0.00167EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/12/01 12:0 a.m.5 views

WordPress plugin Arconix Shortcodes 跨站脚本漏洞

WordPress Arconix Shortcodes plugin is a plugin that provides a wide range of shortcode functionality for WordPress websites. WordPress Arconix Shortcodes plugin suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering and escaping of...

6.5CVSS6AI score0.00135EPSS
Exploits0References2
CNVD
CNVD
added 2025/11/25 12:0 a.m.3 views

WordPress Bulma Shortcodes plugin cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. The WordPress Bulma Shortcodes plugin suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering and escaping of user-suppli...

6.4CVSS6.1AI score0.00166EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/11/25 12:0 a.m.6 views

WordPress plugin Iframe 跨站脚本漏洞

The WordPress iframe plugin is a tool for embedding iFrame content in WordPress websites, allowing users to embed external web pages, videos, forms, etc. into their pages. WordPress iframe plugin suffers from a cross-site scripting vulnerability that stems from the application's lack of effective...

6.4CVSS6AI score0.00161EPSS
Exploits0References3
CNVD
CNVD
added 2025/11/20 12:0 a.m.4 views

WordPress everviz plugin cross-site scripting vulnerability

WordPress everviz plugin is an interactive chart, map and table generator for the WordPress platform that allows you to quickly create visual content without programming skills. WordPress everviz plugin suffers from a cross-site scripting vulnerability that stems from the application's lack of...

6.4CVSS6.1AI score0.00181EPSS
Exploits0References1
CNVD
CNVD
added 2025/11/20 12:0 a.m.3 views

WordPress Checkout Files Upload for WooCommerce plugin Cross-Site Scripting Vulnerability

WordPress Checkout Files Upload for WooCommerce plugin is a plugin designed for the WordPress platform that allows users to upload files on the checkout page, often used to collect order-related documents or customization information. The WordPress Checkout Files Upload for WooCommerce plugin...

7.2CVSS6.2AI score0.00221EPSS
Exploits0References1
CNVD
CNVD
added 2025/11/20 12:0 a.m.6 views

Complaint Management System between-date-userreport.php file cross-site scripting vulnerability

Complaint Management System is a complaint management system. Complaint Management System suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the fromdate and todate parameters in between-date-userreport.php, whic...

4.6CVSS6.3AI score0.00197EPSS
Exploits1References1
CNVD
CNVD
added 2025/11/18 12:0 a.m.4 views

WordPress Booster for WooCommerce Plugin Cross-Site Scripting Vulnerability

WordPress Booster for WooCommerce Plugin is a multi-functional plugin designed specifically for the WooCommerce e-commerce platform, offering more than 100 features including PDF invoices, product variants, wish lists, and other tools designed to streamline e-commerce operations and enhance user...

6.5CVSS6.2AI score0.00155EPSS
Exploits0References1
CNVD
CNVD
added 2025/11/18 12:0 a.m.4 views

WordPress Qi Blocks plugin cross-site scripting vulnerability

WordPress Qi Blocks plugin is a WordPress block plugin developed by QodeInteractive, providing 48 free blocks and 33 premium blocks 81 in total, covering categories such as typography, infographics, form styles, content display, etc., and supporting highly customizable and flexible website buildi...

6.5CVSS6.1AI score0.00155EPSS
Exploits0References1
CNVD
CNVD
added 2025/11/11 12:0 a.m.2 views

Advantech WebAccess/VPN StandaloneVpnClientsController.addStandaloneVpnClientAction function cross-site scripting vulnerability

Advantech WebAccess/VPN is a virtual private network feature integrated in Advantech WebAccess/SCADA software, designed to provide a secure and reliable network connectivity solution for industrial automation and remote monitoring systems. Advantech WebAccess/VPN suffers from a cross-site scripti...

6.3CVSS6.2AI score0.00197EPSS
Exploits0References1
CNVD
CNVD
added 2025/11/11 12:0 a.m.4 views

CMSimple_XH cross-site scripting vulnerability (CNVD-2026-02642)

CMSimpleXH is a PHP-based content management system derived from the original CMSimple project and belongs to its offshoot version. CMSimpleXH suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering and escaping of user-supplied data, for...

7.1CVSS6.2AI score0.00328EPSS
Exploits1References1
CNVD
CNVD
added 2025/11/05 12:0 a.m.6 views

WordPress Employee Spotlight plugin cross-site scripting vulnerability

WordPress Employee Spotlight plugin is a plugin for quickly searching and managing WordPress backend content, inspired by the Mac's Spotlight feature, which supports searching for posts, users, plugins, themes, etc., and provides real-time updating and editing features. The WordPress Employee...

6.4CVSS6.1AI score0.00176EPSS
Exploits0References1
CNVD
CNVD
added 2025/11/05 12:0 a.m.2 views

WordPress Consulting Elementor Widgets plugin cross-site scripting vulnerability

WordPress Consulting Elementor Widgets plugin is a plugin for the Elementor page builder that allows users to add and customize website content with drag and drop functionality. The WordPress Consulting Elementor Widgets plugin suffers from a cross-site scripting vulnerability that stems from the...

6.5CVSS6AI score0.00151EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/11/01 12:0 a.m.5 views

WordPress plugin Community Events 跨站脚本漏洞

WordPress Community Events plugin is an event management plugin for the WordPress platform that allows users to create and display event calendars with support for AJAX dynamic loading and event submission form functionality. WordPress Community Events plugin suffers from a cross-site scripting...

7.2CVSS6AI score0.00265EPSS
Exploits0References4
CNVD
CNVD
added 2025/10/31 12:0 a.m.4 views

Client Details System welcome.php File Cross-Site Scripting Vulnerability

Client Details System is a client information system. Client Details System suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the file /welcome.php, which can be exploited by an attacker to execute arbitrary Web...

4.8CVSS6.1AI score0.00235EPSS
Exploits1References1
CNVD
CNVD
added 2025/10/31 12:0 a.m.5 views

Client Details System manage-users.php File Cross-Site Scripting Vulnerability

Client Details System is a client information system. Client Details System suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the file /admin/manage-users.php, which can be exploited by an attacker to execute...

4.8CVSS6.1AI score0.0026EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/10/31 12:0 a.m.6 views

WordPress plugin Groundhogg 安全漏洞

WordPress Groundhogg Plugin is a Customer Relationship Management CRM, email marketing and marketing automation tool designed for the WordPress platform and is designed to help users increase customer conversions and sales productivity through automated processes. WordPress Groundhogg Plugin...

6.5CVSS6AI score0.00151EPSS
Exploits0References1
CNVD
CNVD
added 2025/10/31 12:0 a.m.4 views

Curfew e-Pass Management System edit-category-detail.php file cross-site scripting vulnerability

Curfew e-Pass Management System is an electronic pass management system. Curfew e-Pass Management System suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the parameter catname in the file...

4.8CVSS6.2AI score0.00237EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/10/22 12:0 a.m.5 views

WordPress Plugin CF7 Auto Responder Addon 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in the WordPress CF7 Auto Responder Addon plugin, which stems from the application's lack of effective filtering and escaping of...

7.1CVSS5.9AI score0.00226EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/10/22 12:0 a.m.7 views

WordPress plugin Cinza Grid 跨站脚本漏洞

WordPress Cinza Grid plugin is a lightweight WordPress plugin based on Isotope Waterfall Layout for creating responsive grid layouts that support the presentation of posts, pages or custom content types. WordPress Cinza Grid plugin suffers from a cross-site scripting vulnerability that stems from...

6.4CVSS5.9AI score0.00223EPSS
Exploits0References4
Rows per page
Query Builder