Lucene search
K

99 matches found

NVD
NVD
added 2024/07/22 10:15 a.m.26 views

CVE-2024-37199

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Kriesi.At Enfold allows Reflected XSS.This issue affects Enfold: from n/a through 5.6.9...

7.1CVSS0.00288EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/07/22 9:33 a.m.15 views

CVE-2024-37199 WordPress Enfold theme <= 5.6.9 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Kriesi.At Enfold allows Reflected XSS.This issue affects Enfold: from n/a through 5.6.9...

7.1CVSS7.2AI score0.00288EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/07/22 9:33 a.m.33 views

CVE-2024-37199 WordPress Enfold theme <= 5.6.9 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Kriesi.At Enfold allows Reflected XSS.This issue affects Enfold: from n/a through 5.6.9...

7.1CVSS0.00288EPSS
Exploits0References1
CVE
CVE
added 2024/07/22 9:33 a.m.84 views

CVE-2024-37199

CVE-2024-37199 is a Reflected XSS vulnerability in the WordPress theme Enfold (Kriesi.At Enfold) affecting Enfold versions up to and including 5.6.9. Public detail states that input is improperly neutralized during web page generation, enabling reflected XSS. The Red Hat/NVD entries corroborate t...

7.1CVSS7AI score0.00288EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2024/07/22 12:0 a.m.6 views

PT-2024-27367 · Enfold · Enfold

Name of the Vulnerable Software and Affected Versions: Enfold versions through 5.6.9 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Reflected XSS. Recommendations: For versions through 5.6.9...

7.1CVSS6.8AI score0.00288EPSS
Exploits0References6
Patchstack
Patchstack
added 2024/06/20 10:33 a.m.5 views

WordPress Enfold theme <= 5.6.9 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by tom Patchstack Alliance in WordPress Theme Enfold versions = 5.6.9...

7.1CVSS6.1AI score0.00288EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/06/20 12:0 a.m.22 views

WordPress Enfold Theme <= 5.6.9 is vulnerable to Cross Site Scripting (XSS)

Software Enfold Type Theme Vulnerable versions = 5.6.9 Fixed in 5.6.10 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-37199 Patch priority Low CVSS severity Low 7.1 Developer Kriesi PSID 231fe6fad434 Credits tom Required privilege Unauthenticated Published 20 June...

7.1CVSS6.6AI score0.00288EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2023/11/30 5:15 p.m.24 views

CVE-2023-38400

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Kriesi Enfold - Responsive Multi-Purpose Theme allows Reflected XSS.This issue affects Enfold - Responsive Multi-Purpose Theme: from n/a through 5.6.4...

7.1CVSS0.00403EPSS
Exploits0References1
OSV
OSV
added 2023/11/30 5:15 p.m.5 views

CVE-2023-38400

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Kriesi Enfold - Responsive Multi-Purpose Theme allows Reflected XSS.This issue affects Enfold - Responsive Multi-Purpose Theme: from n/a through 5.6.4...

6.1CVSS7.3AI score0.00403EPSS
Exploits0References1
Prion
Prion
added 2023/11/30 5:15 p.m.17 views

Cross site scripting

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Kriesi Enfold - Responsive Multi-Purpose Theme allows Reflected XSS.This issue affects Enfold - Responsive Multi-Purpose Theme: from n/a through 5.6.4...

5.8CVSS7.1AI score0.00403EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/11/30 4:57 p.m.34 views

CVE-2023-38400 WordPress Enfold Theme <= 5.6.4 is vulnerable to Cross Site Scripting (XSS)

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Kriesi Enfold - Responsive Multi-Purpose Theme allows Reflected XSS.This issue affects Enfold - Responsive Multi-Purpose Theme: from n/a through 5.6.4...

7.1CVSS7.2AI score0.00403EPSS
Exploits0References1
CVE
CVE
added 2023/11/30 4:57 p.m.106 views

CVE-2023-38400

CVE-2023-38400 affects Enfold - Responsive Multi-Purpose Theme (WordPress) up to version 5.6.4. The issue is a Reflected Cross-Site Scripting (XSS) caused by improper neutralization of input during web page generation. Exploitation details are not provided in the supplied documents, but Patchstac...

7.1CVSS7.1AI score0.00403EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2023/11/30 12:0 a.m.5 views

WordPress Plugin Enfold Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...

7.1CVSS6AI score0.00403EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/11/30 12:0 a.m.8 views

PT-2023-26407 · Enfold · Enfold

Name of the Vulnerable Software and Affected Versions: Enfold - Responsive Multi-Purpose Theme versions n/a through 5.6.4 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting. This allows for Reflected XSS...

7.1CVSS6.5AI score0.00403EPSS
Exploits0References6
WPVulnDB
WPVulnDB
added 2023/11/29 12:0 a.m.27 views

Enfold < 5.6.5 - Reflected Cross-Site Scripting

Description The Enfold - Responsive Multi-Purpose Theme theme for WordPress is vulnerable to Reflected Cross-Site Scripting via an unknown parameter in all versions up to, and including, 5.6.4 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated...

7.1CVSS6.5AI score0.00403EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2023/11/23 12:0 a.m.14 views

WordPress Enfold Theme <= 5.6.4 is vulnerable to Cross Site Scripting (XSS)

Software Enfold Type Theme Vulnerable versions = 5.6.4 Fixed in 5.6.5 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-38400 Patch priority Medium CVSS severity Medium 7.1 Developer Kriesi PSID 33a791c850de Credits Rafie Muhammad Patchstack Required privilege...

7.1CVSS6.8AI score0.00403EPSS
Exploits0References1Affected Software1
OpenVAS
OpenVAS
added 2023/03/29 12:0 a.m.19 views

WordPress Enfold Theme Plugin < 4.8.4 XSS Vulnerability

The WordPress SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:kriesi:enfold"; if description...

6.1CVSS6.3AI score0.02959EPSS
Exploits5References1
OpenVAS
OpenVAS
added 2023/03/29 12:0 a.m.11 views

WordPress Enfold Theme Plugin < 3.0.1 Unknown Vulnerability

The WordPress SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:kriesi:enfold"; if description...

10CVSS6.8AI score0.02101EPSS
Exploits0References1
Packet Storm
Packet Storm
added 2021/10/19 12:0 a.m.401 views

WordPress Enfold Theme 4.8.3 Cross Site Scripting

Exploit Title: WordPress Theme Enfold 4.8.3 - Reflected Cross-Site Scripting XSS Google Dork: "inurl:avia-element-paging" Date: 18/10/2021 Exploit Author: Francisco Díaz-Pache Alonso, Sergio Corral Cristo and David Álvarez Robles Vendor Homepage: https://kriesi.at/ Version: Enfold This URL must...

4.3CVSS6.3AI score0.02959EPSS
Exploits5
0day.today
0day.today
added 2021/10/19 12:0 a.m.433 views

WordPress Theme Enfold 4.8.3 - Reflected Cross-Site Scripting Vulnerability

Exploit Title: WordPress Theme Enfold 4.8.3 - Reflected Cross-Site Scripting XSS Google Dork: "inurl:avia-element-paging" Exploit Author: Francisco Díaz-Pache Alonso, Sergio Corral Cristo and David Álvarez Robles Vendor Homepage: https://kriesi.at/ Version: Enfold This URL must include pages show...

6.1CVSS6.3AI score0.02959EPSS
Exploits5
Rows per page
Query Builder