Lucene search
K

11 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-43173

Malicious code in bioql PyPI...

4.8CVSS5AI score0.00501EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:13 p.m.7 views

CVE-2022-3833

The Fancier Author Box by ThematoSoup WordPress plugin through 1.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite...

4.8CVSS5.6AI score0.00501EPSS
Exploits2References1
CNVD
CNVD
added 2022/11/30 12:0 a.m.21 views

WordPress Fancier Author Box by ThematoSoup plugin cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin. WordPress Fancier Author Box by ThematoSoup plugin 1.4 and earlier versions contain a cross-site scripting...

4.8CVSS0.5AI score0.00501EPSS
Exploits2References1
OSV
OSV
added 2022/11/28 2:15 p.m.6 views

CVE-2022-3833

The Fancier Author Box by ThematoSoup WordPress plugin through 1.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite...

4.8CVSS5.8AI score0.00501EPSS
Exploits2References1
NVD
NVD
added 2022/11/28 2:15 p.m.20 views

CVE-2022-3833

The Fancier Author Box by ThematoSoup WordPress plugin through 1.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite...

4.8CVSS0.00501EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2022/11/28 1:47 p.m.7 views

CVE-2022-3833 Fancier Author Box by ThematoSoup <= 1.4 - Admin+ Stored XSS

The Fancier Author Box by ThematoSoup WordPress plugin through 1.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite...

5.6AI score0.00501EPSS
Exploits2References1
CVE
CVE
added 2022/11/28 1:47 p.m.61 views

CVE-2022-3833

The CVE-2022-3833 entry documents a stored XSS vulnerability in the WordPress plugin Fancier Author Box by ThematoSoup (versions prior to 1.5). The root cause is improper sanitisation/escaping of certain settings, including those related to the disabled unfiltered_html feature, which can allow an...

4.8CVSS4.6AI score0.00501EPSS
Exploits2References1Affected Software1
CNNVD
CNNVD
added 2022/11/28 12:0 a.m.5 views

WordPress plugin Fancier Author Box by ThematoSoup 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin. WordPress Fancier Author Box by ThematoSoup plugin 1.4 and earlier versions contain a cross-site scripting...

4.8CVSS5.9AI score0.00501EPSS
Exploits2References2
Positive Technologies
Positive Technologies
added 2022/11/28 12:0 a.m.7 views

PT-2022-24371 · Thematosoup · The Fancier Author Box

Name of the Vulnerable Software and Affected Versions: The Fancier Author Box by ThematoSoup WordPress plugin versions prior to 1.5 Description: The issue allows high privilege users, such as admins, to perform Stored Cross-Site Scripting attacks. This can occur even when the unfiltered html...

4.8CVSS4.6AI score0.00501EPSS
Exploits2References3
wpexploit
wpexploit
added 2022/11/03 12:0 a.m.87 views

Fancier Author Box by ThematoSoup <= 1.4 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup. 1. Open the setting page of this plugin. 2. There...

4.8CVSS4.7AI score0.00501EPSS
Exploits2
Patchstack
Patchstack
added 2022/11/03 12:0 a.m.31 views

WordPress Fancier Author Box by ThematoSoup plugin <= 1.4 - Auth. Stored Cross-Site Scripting (XSS) vulnerability

Auth. Stored Cross-Site Scripting XSS vulnerability discovered by zhangyunpei in WordPress Fancier Author Box by ThematoSoup plugin versions = 1.4. Solution Deactivate and delete. This plugin has been closed as of November 2, 2022 and is not available for download. This closure is temporary,...

1.8AI score0.00501EPSS
Exploits2References1Affected Software1
Rows per page
Query Builder