Lucene search
K

442 matches found

wpexploit
wpexploit
added 2023/10/09 12:0 a.m.177 views

EventPrime < 3.2.0 - Reflected XSS

Description The plugin does not sanitise and escape some parameters before outputting them back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin. POC 1 - Visit any of the following pages created by the plugin: - Event Organize...

6.1CVSS6.1AI score0.0042EPSS
Exploits2
OSV
OSV
added 2023/06/20 7:15 a.m.4 views

CVE-2023-35884

Unauth. Reflected Cross-Site Scripting XSS vulnerability in EventPrime plugin = 3.0.5 versions...

6.1CVSS5.8AI score0.00411EPSS
Exploits0References1
NVD
NVD
added 2023/06/20 7:15 a.m.27 views

CVE-2023-35884

Unauth. Reflected Cross-Site Scripting XSS vulnerability in EventPrime plugin = 3.0.5 versions...

7.1CVSS6.2AI score0.00411EPSS
Exploits0References1
Prion
Prion
added 2023/06/20 7:15 a.m.13 views

Cross site scripting

Unauth. Reflected Cross-Site Scripting XSS vulnerability in EventPrime plugin = 3.0.5 versions...

5.8CVSS6AI score0.00411EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/06/20 6:50 a.m.31 views

CVE-2023-35884 WordPress EventPrime Plugin <= 3.0.5 is vulnerable to Cross Site Scripting (XSS)

Unauth. Reflected Cross-Site Scripting XSS vulnerability in EventPrime plugin = 3.0.5 versions...

7.1CVSS6.3AI score0.00411EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/06/20 6:50 a.m.15 views

CVE-2023-35884 WordPress EventPrime Plugin <= 3.0.5 is vulnerable to Cross Site Scripting (XSS)

Unauth. Reflected Cross-Site Scripting XSS vulnerability in EventPrime plugin = 3.0.5 versions...

7.1CVSS5.9AI score0.00411EPSS
Exploits0References1
CVE
CVE
added 2023/06/20 6:50 a.m.35 views

CVE-2023-35884

CVE-2023-35884 affects the WordPress EventPrime Plugin prior to v3.0.6. It is an unauthenticated, reflected XSS vulnerability in versions ≤ 3.0.5, where input is not properly sanitized/escaped. Impact is reflected XSS leading to potential script execution in victims’ browsers. Fix: upgrade to v3....

7.1CVSS6AI score0.00411EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2023/06/20 12:0 a.m.4 views

WordPress plugin EventPrime 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

7.1CVSS6AI score0.00411EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/06/20 12:0 a.m.6 views

PT-2023-25363 · Unknown · Eventprime

Name of the Vulnerable Software and Affected Versions: EventPrime plugin versions prior to 3.0.6 Description: The issue is related to an Unauth. Reflected Cross-Site Scripting XSS vulnerability. This means that an attacker could potentially inject malicious scripts into a website, which would the...

7.1CVSS5.8AI score0.00411EPSS
Exploits0References3
WPVulnDB
WPVulnDB
added 2023/06/19 12:0 a.m.13 views

EventPrime < 3.0.6 - Reflected Cross-Site Scripting

The plugin does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

7.1CVSS6AI score0.00411EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2023/06/19 12:0 a.m.24 views

WordPress EventPrime Plugin <= 3.0.5 is vulnerable to Cross Site Scripting (XSS)

Software EventPrime Type Plugin Vulnerable versions = 3.0.5 Fixed in 3.0.6 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-35884 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 0d78f3844de4 Credits Le Ngoc Anh Required...

7.1CVSS5.6AI score0.00411EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2023/05/28 6:15 p.m.20 views

CVE-2023-33326

Unauth. Reflected XSS Cross-Site Scripting XSS vulnerability in EventPrime plugin = 2.8.6 versions...

7.1CVSS6.2AI score0.00382EPSS
Exploits0References1
OSV
OSV
added 2023/05/28 6:15 p.m.2 views

CVE-2023-33326

Unauth. Reflected XSS Cross-Site Scripting XSS vulnerability in EventPrime plugin = 2.8.6 versions...

6.1CVSS6.8AI score0.00382EPSS
Exploits0References1
Prion
Prion
added 2023/05/28 6:15 p.m.18 views

Cross site scripting

Unauth. Reflected XSS Cross-Site Scripting XSS vulnerability in EventPrime plugin = 2.8.6 versions...

5.8CVSS5.9AI score0.00382EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/05/28 5:42 p.m.12 views

CVE-2023-33326 WordPress EventPrime Plugin <= 2.8.6 is vulnerable to Cross Site Scripting (XSS)

Unauth. Reflected XSS Cross-Site Scripting XSS vulnerability in EventPrime plugin = 2.8.6 versions...

7.1CVSS5.8AI score0.00382EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/05/28 5:42 p.m.22 views

CVE-2023-33326 WordPress EventPrime Plugin <= 2.8.6 is vulnerable to Cross Site Scripting (XSS)

Unauth. Reflected XSS Cross-Site Scripting XSS vulnerability in EventPrime plugin = 2.8.6 versions...

7.1CVSS6.3AI score0.00382EPSS
Exploits0References1
CVE
CVE
added 2023/05/28 5:42 p.m.40 views

CVE-2023-33326

CVE-2023-33326: Unauthenticated reflected XSS in WordPress EventPrime plugin ≤ 2.8.6. Affected: EventPrime (Modern Events Calendar, Bookings and Tickets) plugin. Root cause: reflected XSS in the plugin (details not fully disclosed in initial docs; multiple sources corroborate). Impact per PatchSt...

7.1CVSS6AI score0.00382EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2023/05/28 12:0 a.m.5 views

PT-2023-24295 · Unknown · Eventprime

Name of the Vulnerable Software and Affected Versions: EventPrime plugin versions = 2.8.6 Description: The issue is related to an Unauth. Reflected XSS Cross-Site Scripting XSS vulnerability. This means that an attacker can inject malicious scripts into a website, potentially allowing them to ste...

7.1CVSS6.2AI score0.00382EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/05/28 12:0 a.m.5 views

WordPress plugin EventPrime – Modern Events Calendar, Bookings and Tickets 2.8.6及 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

7.1CVSS6.8AI score0.00382EPSS
Exploits0References2
Patchstack
Patchstack
added 2023/05/22 12:0 a.m.12 views

WordPress EventPrime Plugin <= 2.8.6 is vulnerable to Cross Site Scripting (XSS)

Software EventPrime Type Plugin Vulnerable versions = 2.8.6 Fixed in 3.0.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-33326 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 54de00d180dc Credits yuyudhn Required...

7.1CVSS5.9AI score0.00382EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder