Lucene search
K

10 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:35 p.m.9 views

CVE-2026-5293

The 診断ジェネレータ作成プラグイン Diagnosis Generator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'js' parameter in versions up to and including 1.4.16. This is due to missing authorization checks and insufficient input sanitization in the themeFunc function. The function is hooke...

6.4CVSS5.7AI score0.00308EPSS
Exploits0References1
NVD
NVD
added 2026/05/20 2:16 a.m.18 views

CVE-2026-5293

The 診断ジェネレータ作成プラグイン Diagnosis Generator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'js' parameter in versions up to and including 1.4.16. This is due to missing authorization checks and insufficient input sanitization in the themeFunc function. The function is hooke...

6.4CVSS0.00308EPSS
Exploits0References9
Cvelist
Cvelist
added 2026/05/20 1:25 a.m.39 views

CVE-2026-5293 診断ジェネレータ作成プラグイン <= 1.4.16 - Authenticated (Subscriber+) Stored Cross-Site Scripting via 'js' Parameter

The 診断ジェネレータ作成プラグイン Diagnosis Generator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'js' parameter in versions up to and including 1.4.16. This is due to missing authorization checks and insufficient input sanitization in the themeFunc function. The function is hooke...

6.4CVSS0.00308EPSS
Exploits0References9
CVE
CVE
added 2026/05/20 1:25 a.m.19 views

CVE-2026-5293

The CVE concerns the WordPress plugin Diagnosis Generator (診断ジェネレータ作成プラグイン) up to version 1.4.16. It enables Stored Cross-Site Scripting via the js parameter due to missing authorization checks and insufficient input sanitization in themeFunc(), which runs on admin_init and processes theme update...

6.4CVSS6AI score0.00308EPSS
Exploits0References9
EUVD
EUVD
added 2026/05/20 1:25 a.m.13 views

EUVD-2026-31034

The 診断ジェネレータ作成プラグイン Diagnosis Generator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'js' parameter in versions up to and including 1.4.16. This is due to missing authorization checks and insufficient input sanitization in the themeFunc function. The function is hooke...

6.4CVSS6AI score0.00308EPSS
Exploits0References9
ATTACKERKB
ATTACKERKB
added 2026/05/20 1:25 a.m.6 views

CVE-2026-5293

The 診断ジェネレータ作成プラグイン Diagnosis Generator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'js' parameter in versions up to and including 1.4.16. This is due to missing authorization checks and insufficient input sanitization in the themeFunc function. The function is hooke...

6.4CVSS6AI score0.00308EPSS
Exploits0References10
Vulnrichment
Vulnrichment
added 2026/05/20 1:25 a.m.9 views

CVE-2026-5293 診断ジェネレータ作成プラグイン <= 1.4.16 - Authenticated (Subscriber+) Stored Cross-Site Scripting via 'js' Parameter

The 診断ジェネレータ作成プラグイン Diagnosis Generator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'js' parameter in versions up to and including 1.4.16. This is due to missing authorization checks and insufficient input sanitization in the themeFunc function. The function is hooke...

6.4CVSS6AI score0.00308EPSS
Exploits0References9
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.7 views

WordPress plugin os-diagnosis-generator 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

6.4CVSS5.8AI score0.00308EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/20 12:0 a.m.13 views

PT-2026-42057

The 診断ジェネレータ作成プラグイン Diagnosis Generator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'js' parameter in versions up to and including 1.4.16. This is due to missing authorization checks and insufficient input sanitization in the themeFunc function. The function is hooke...

6.4CVSS6AI score0.00308EPSS
Exploits0References11
ATTACKERKB
ATTACKERKB
added 2025/06/06 1:15 p.m.4 views

CVE-2025-30934

Missing Authorization vulnerability in OLIVESYSTEM 診断ジェネレータ作成プラグイン os-diagnosis-generator allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects 診断ジェネレータ作成プラグイン: from n/a through = 1.4.16...

5.3CVSS5.9AI score0.00257EPSS
Exploits0References3
Rows per page
Query Builder