Lucene search
K

362 matches found

Patchstack
Patchstack
added 2025/03/28 10:35 a.m.5 views

WordPress Dropdown Multisite selector plugin < 0.9.4 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by muhammad yudha in WordPress Plugin Dropdown Multisite selector versions 0.9.4...

6.5CVSS6.2AI score0.00193EPSS
Exploits0Affected Software1
NVD
NVD
added 2025/03/28 10:15 a.m.6 views

CVE-2025-31090

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in alordiel Dropdown Multisite selector dropdown-multisite-selector allows Stored XSS.This issue affects Dropdown Multisite selector: from n/a through 0.9.4...

6.5CVSS0.00193EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/03/28 9:39 a.m.14 views

CVE-2025-31090 WordPress Dropdown Multisite selector plugin < 0.9.4 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in alordiel Dropdown Multisite selector dropdown-multisite-selector allows Stored XSS.This issue affects Dropdown Multisite selector: from n/a through 0.9.4...

6.5CVSS0.00193EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/03/28 9:39 a.m.5 views

CVE-2025-31090 WordPress Dropdown Multisite selector < 0.9.4 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in alordiel Dropdown Multisite selector allows Stored XSS. This issue affects Dropdown Multisite selector: from n/a through n/a...

6.5CVSS6.9AI score0.00193EPSS
Exploits0References1
CVE
CVE
added 2025/03/28 9:39 a.m.58 views

CVE-2025-31090

CVE-2025-31090 affects the Dropdown Multisite selector component. The issue is an improper input neutralization during web page generation, allowing a Stored Cross-Site Scripting (XSS) vulnerability. Affected versions are earlier than 0.9.4 for the Dropdown Multisite selector. The CVSSv3.1 base s...

6.5CVSS7.2AI score0.00193EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/03/28 12:0 a.m.3 views

WordPress plugin Dropdown Multisite selector 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

6.5CVSS7.9AI score0.00193EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/03/26 2:31 p.m.6 views

CVE-2025-30560

Cross-Site Request Forgery CSRF vulnerability in Sana Ullah jQuery Dropdown Menu jquery-drop-down-menu-plugin allows Stored XSS.This issue affects jQuery Dropdown Menu: from n/a through = 3.0...

7.1CVSS7.2AI score0.00178EPSS
Exploits0References1
NVD
NVD
added 2025/03/24 2:15 p.m.3 views

CVE-2025-30560

Cross-Site Request Forgery CSRF vulnerability in Sana Ullah jQuery Dropdown Menu jquery-drop-down-menu-plugin allows Stored XSS.This issue affects jQuery Dropdown Menu: from n/a through = 3.0...

7.1CVSS0.00178EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/03/24 1:47 p.m.22 views

CVE-2025-30560 WordPress jQuery Dropdown Menu plugin <= 3.0 - CSRF to Stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in Sana Ullah jQuery Dropdown Menu jquery-drop-down-menu-plugin allows Stored XSS.This issue affects jQuery Dropdown Menu: from n/a through = 3.0...

7.1CVSS0.00178EPSS
Exploits0References1
CVE
CVE
added 2025/03/24 1:47 p.m.51 views

CVE-2025-30560

CVE-2025-30560 is a CSRF-to-Stored XSS vulnerability in the WordPress plugin jQuery Dropdown Menu (versions up to 3.0, affected from n/a through 3.0). The CVSS 3.1 score is 7.1 (High) with network attack vector, low attack complexity, no privileges required, but requires user interaction, and it ...

7.1CVSS7.2AI score0.00178EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/03/24 1:30 p.m.3 views

WordPress jQuery Dropdown Menu plugin <= 3.0 - CSRF to Stored XSS vulnerability

CSRF to Stored XSS vulnerability discovered by Nguyen Xuan Chien in WordPress Plugin jQuery Dropdown Menu versions = 3.0...

7.1CVSS6.2AI score0.00178EPSS
Exploits0Affected Software1
CNNVD
CNNVD
added 2025/03/24 12:0 a.m.4 views

WordPress plugin jQuery Dropdown Menu 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...

7.1CVSS8.2AI score0.00178EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2025/02/11 7:35 a.m.2 views

Astra Linux – Vulnerability in Firefox and Thunderbird

An attacker could cause a select dropdown menu to be displayed over another tab; this could lead to user confusion and potential spoofing attacks. This vulnerability affects Firefox 133, Firefox ESR 128.5, Thunderbird 133, and Thunderbird 128.5...

4.3CVSS6.6AI score0.00469EPSS
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/02/03 5:25 p.m.4 views

Malicious code in fitbit-widget-dropdown (npm)

The package communicates with a domain associated with malicious activity...

7AI score
Exploits0
CNNVD
CNNVD
added 2024/12/27 12:0 a.m.2 views

CodeAstro Car Rental System 注入漏洞

CodeAstro Car Rental System is a car rental system from CodeAstro. An injection vulnerability exists in CodeAstro Car Rental System version 1.0, which stems from an incorrect operation of the parameter driveridfromdropdown that can result in SQL injection...

9.8CVSS7.1AI score0.00539EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2024/12/27 12:0 a.m.4 views

PT-2024-17844 · Codeastro · Codeastro Car Rental System

Name of the Vulnerable Software and Affected Versions: CodeAstro Car Rental System version 1.0 Description: A critical issue has been found in the CodeAstro Car Rental System. The problem affects an unknown functionality of the file /bookingconfirm.php. The manipulation of the driver id from...

9.8CVSS8.1AI score0.00539EPSS
Exploits1References10
CNNVD
CNNVD
added 2024/12/14 12:0 a.m.4 views

WordPress plugin GeoDataSource Country Region DropDown 跨站脚本漏洞

WordPress and the WordPress plugin are products of the WordPress Foundation, a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site scripting vulnerability exists in WordPress plugin...

6.4CVSS7.9AI score0.00344EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/12/14 12:0 a.m.5 views

PT-2024-17610 · WordPress · Geodatasource Country Region Dropdown

Name of the Vulnerable Software and Affected Versions: GeoDataSource Country Region DropDown plugin for WordPress versions up to, and including, 1.0.1 Description: The issue is related to Stored Cross-Site Scripting via the plugin's 'gds-country-dropdown' shortcode due to insufficient input...

6.4CVSS6.2AI score0.00344EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2024/12/09 9:29 a.m.3 views

firefox: thunderbird: Select list elements could be shown over another site

A flaw was found in Mozilla. The Mozilla Foundation's Security Advisory describes the following issue: An attacker could cause a select dropdown to be shown over another tab; this could have led to user confusion and possible spoofing attacks...

4.3CVSS7.2AI score0.00469EPSS
Exploits0References9
RedHat Linux
RedHat Linux
added 2024/12/09 9:29 a.m.4 views

firefox: thunderbird: Select list elements could be shown over another site

A flaw was found in Mozilla. The Mozilla Foundation's Security Advisory describes the following issue: An attacker could cause a select dropdown to be shown over another tab; this could have led to user confusion and possible spoofing attacks...

4.3CVSS7.2AI score0.00469EPSS
Exploits0References9
Rows per page
Query Builder