Lucene search
K

99 matches found

Packet Storm
Packet Storm
added 2021/10/19 12:0 a.m.400 views

WordPress Enfold Theme 4.8.3 Cross Site Scripting

Exploit Title: WordPress Theme Enfold 4.8.3 - Reflected Cross-Site Scripting XSS Google Dork: "inurl:avia-element-paging" Date: 18/10/2021 Exploit Author: Francisco Díaz-Pache Alonso, Sergio Corral Cristo and David Álvarez Robles Vendor Homepage: https://kriesi.at/ Version: Enfold This URL must...

4.3CVSS6.3AI score0.02959EPSS
Exploits5
CNVD
CNVD
added 2021/10/13 12:0 a.m.22 views

WordPress Enfold Enfold theme cross-site scripting vulnerability

WordPress is the Wordpress Foundation's set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers. cross-site scripting vulnerability exists in versions of WordPress Enfold Enfold theme prior to 4.8.4, which originate...

6.1CVSS2AI score0.02959EPSS
Exploits5References1
OSV
OSV
added 2021/10/11 11:15 a.m.4 views

CVE-2021-24719

The Enfold Enfold WordPress theme before 4.8.4 was vulnerable to Reflected Cross-Site Scripting XSS. The vulnerability is present on Enfold versions previous than 4.8.4 which use Avia Page Builder...

6.1CVSS6.4AI score0.02959EPSS
Exploits5References2
NVD
NVD
added 2021/10/11 11:15 a.m.13 views

CVE-2021-24719

The Enfold Enfold WordPress theme before 4.8.4 was vulnerable to Reflected Cross-Site Scripting XSS. The vulnerability is present on Enfold versions previous than 4.8.4 which use Avia Page Builder...

6.1CVSS0.02959EPSS
Exploits5References2
Prion
Prion
added 2021/10/11 11:15 a.m.19 views

Cross site scripting

The Enfold Enfold WordPress theme before 4.8.4 was vulnerable to Reflected Cross-Site Scripting XSS. The vulnerability is present on Enfold versions previous than 4.8.4 which use Avia Page Builder...

4.3CVSS6AI score0.02959EPSS
Exploits5References2Affected Software1
CVE
CVE
added 2021/10/11 10:45 a.m.86 views

CVE-2021-24719

The CVE-2021-24719 entry relates to the WordPress Enfold theme prior to 4.8.4, where the Avia Page Builder enabled a Reflected Cross-Site Scripting (XSS) vulnerability. The root cause is insufficient input validation/filtering in versions earlier than 4.8.4, allowing an attacker to cause client-s...

6.1CVSS5.9AI score0.02959EPSS
Exploits5References2Affected Software1
Cvelist
Cvelist
added 2021/10/11 10:45 a.m.21 views

CVE-2021-24719 Enfold Theme < 4.8.4 - Reflected Cross-Site Scripting (XSS)

The Enfold Enfold WordPress theme before 4.8.4 was vulnerable to Reflected Cross-Site Scripting XSS. The vulnerability is present on Enfold versions previous than 4.8.4 which use Avia Page Builder...

6.2AI score0.02959EPSS
Exploits5References2
CNNVD
CNNVD
added 2021/10/11 12:0 a.m.10 views

WordPress 插件 跨站脚本漏洞

WordPress is the Wordpress Foundation's set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers. cross-site scripting vulnerability exists in versions of WordPress Enfold Enfold theme prior to 4.8.4, which originate...

6.1CVSS6.2AI score0.02959EPSS
Exploits5References4
wpexploit
wpexploit
added 2021/09/06 12:0 a.m.168 views

Enfold Theme < 4.8.4 - Reflected Cross-Site Scripting (XSS)

The Enfold theme was vulnerable to Reflected Cross-Site Scripting XSS. The vulnerability is present on Enfold versions previous than 4.8.4 which use Avia Page Builder. The issue appears when pagination comes in place while navigating on a WordPress site with Enfold theme active. When that occurs,...

6.1CVSS6.1AI score0.02959EPSS
Exploits5
WPVulnDB
WPVulnDB
added 2021/09/06 12:0 a.m.24 views

Enfold Theme < 4.8.4 - Reflected Cross-Site Scripting (XSS)

The Enfold theme was vulnerable to Reflected Cross-Site Scripting XSS. The vulnerability is present on Enfold versions previous than 4.8.4 which use Avia Page Builder. PoC The issue appears when pagination comes in place while navigating on a WordPress site with Enfold theme active. When that...

6.1CVSS0.2AI score0.02959EPSS
Exploits5Affected Software1
Patchstack
Patchstack
added 2021/09/06 12:0 a.m.23 views

WordPress Enfold premium theme <= 4.8.3 - Reflected Cross-Site Scripting (XSS) vulnerability

Reflected Cross-Site Scripting XSS vulnerability discovered by David Álvarez Robles, Francisco Díaz-Pache Alonso & Sergio Corral Cristo in WordPress Enfold premium theme versions = 4.8.3. Solution Update the WordPress Enfold premium theme to the latest available version at least 4.8.4...

6.1CVSS1.8AI score0.02959EPSS
Exploits5References3Affected Software1
Patchstack
Patchstack
added 2018/01/30 12:0 a.m.18 views

WordPress Enfold theme <=4.2 - Rewrite Portfolio Permalink Structure & Information Disclosure

Rewrite Portfolio Permalink Structure & Information Disclosure in WordPress Enfold theme versions =4.2. Solution Update the WordPress Enfold theme to the latest available version at least 4.2.1...

1.9AI score
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2018/01/27 12:0 a.m.25 views

Enfold Theme < 4.2.1 - Rewrite Portfolio Permalink Structure & Information Disclosure

The changelog describes two security fixes: - fixed: security issue that would allow an attacker to export your enfold theme settings - fixed: security issue that allowed an attacker to rewrite the portfolio permalink structure...

2.1AI score
Exploits0References1Affected Software1
NVD
NVD
added 2014/10/13 10:55 a.m.17 views

CVE-2014-7297

Unspecified vulnerability in the folder framework in the Enfold theme before 3.0.1 for WordPress has unknown impact and attack vectors...

10CVSS6.6AI score0.02101EPSS
Exploits0References2
Prion
Prion
added 2014/10/13 10:55 a.m.16 views

Security feature bypass

Unspecified vulnerability in the folder framework in the Enfold theme before 3.0.1 for WordPress has unknown impact and attack vectors...

10CVSS7.2AI score0.02101EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2014/10/13 10:0 a.m.25 views

CVE-2014-7297

Unspecified vulnerability in the folder framework in the Enfold theme before 3.0.1 for WordPress has unknown impact and attack vectors...

6.6AI score0.02101EPSS
Exploits0References2
CVE
CVE
added 2014/10/13 10:0 a.m.55 views

CVE-2014-7297

Technical details about CVE-2014-7297 are not publicly available in the provided documents. The sources describe an unspecified vulnerability in Enfold

10CVSS6.8AI score0.02101EPSS
Exploits0References2Affected Software1
WPVulnDB
WPVulnDB
added 2014/10/02 12:0 a.m.22 views

Enfold < 3.0.1 - Unspecified Issue

The enfold WordPress theme was affected by an Unspecified Issue security vulnerability...

10CVSS2.3AI score0.02101EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2014/10/02 12:0 a.m.19 views

WordPress Enfold Theme <= 3.0.0 - Unspecified Vulnerability

Because of this vulnerability in the folder framework, this theme has unknown impact and attack vectors. Solution Update the theme...

10CVSS6.8AI score0.02101EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder