Lucene search
K

14 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-34597

Malicious code in bioql PyPI...

4.8CVSS5.2AI score0.00493EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:53 p.m.4 views

CVE-2022-2328

The Flexi Quote Rotator WordPress plugin through 0.9.4 does not sanitise and escape its settings, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...

4.8CVSS6AI score0.00493EPSS
Exploits2References1
ATTACKERKB
ATTACKERKB
added 2022/08/01 1:15 p.m.2 views

CVE-2022-2328

The Flexi Quote Rotator WordPress plugin through 0.9.4 does not sanitise and escape its settings, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...

4.8CVSS5.9AI score0.00493EPSS
Exploits2References2
NVD
NVD
added 2022/08/01 1:15 p.m.13 views

CVE-2022-2328

The Flexi Quote Rotator WordPress plugin through 0.9.4 does not sanitise and escape its settings, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...

4.8CVSS0.00493EPSS
Exploits2References1
CVE
CVE
added 2022/08/01 12:52 p.m.52 views

CVE-2022-2328

Summary of CVE-2022-2328 : The Flexi Quote Rotator WordPress plugin (versions ≤ 0.9.4) does not sanitise or escape its settings, enabling stored Cross-Site Scripting for high-privilege users (e.g., admins) even when unfiltered_html is disallowed. Multiple sources confirm the vulnerability as an a...

4.8CVSS4.7AI score0.00493EPSS
Exploits2References1Affected Software1
Cvelist
Cvelist
added 2022/08/01 12:52 p.m.29 views

CVE-2022-2328 Flexi Quote Rotator <= 0.9.4 - Admin+ Stored Cross-Site Scripting

The Flexi Quote Rotator WordPress plugin through 0.9.4 does not sanitise and escape its settings, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...

5AI score0.00493EPSS
Exploits2References1
Positive Technologies
Positive Technologies
added 2022/08/01 12:0 a.m.3 views

PT-2022-15919 · WordPress · Flexi Quote Rotator

Name of the Vulnerable Software and Affected Versions: Flexi Quote Rotator WordPress plugin versions 0.9.4 and earlier Description: The issue allows high privilege users, such as admins, to perform Cross-Site Scripting attacks. This is possible because the plugin does not properly sanitise and...

4.8CVSS4.5AI score0.00493EPSS
Exploits2References4
CNNVD
CNNVD
added 2022/08/01 12:0 a.m.6 views

WordPress plugin Flexi Quote Rotator 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

4.8CVSS4.9AI score0.00493EPSS
Exploits2References2
Patchstack
Patchstack
added 2022/07/07 12:0 a.m.21 views

WordPress Flexi Quote Rotator plugin <= 0.9.4 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Daniel Ruf in WordPress Flexi Quote Rotator plugin versions = 0.9.4. Solution Deactivate and delete. This plugin has been closed as of July 6, 2022 and is not available for download. This closure is temporary, pending a ful...

4.8CVSS2.4AI score0.00493EPSS
Exploits2References1Affected Software1
WPVulnDB
WPVulnDB
added 2022/07/06 12:0 a.m.19 views

Flexi Quote Rotator <= 0.9.4 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitise and escape its settings, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed. PoC Add the following payload to a new quote:...

4.8CVSS3AI score0.00493EPSS
Exploits2Affected Software1
wpexploit
wpexploit
added 2022/07/06 12:0 a.m.180 views

Flexi Quote Rotator <= 0.9.4 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitise and escape its settings, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed. Add the following payload to a new quote:...

4.8CVSS1.8AI score0.00493EPSS
Exploits2
Patchstack
Patchstack
added 2015/05/15 12:0 a.m.10 views

WordPress Flexi Quote Rotator Plugin - Multiple Vulnerabilities

This plugin is prone to a cross site request forgery and SQL injection vulnerabilities. Solution Upgrade the plugin...

2.5AI score
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2015/05/15 12:0 a.m.7 views

WordPress Flexi Quote Rotator Plugin - Multiple Vulnerabilities

This plugin is prone to a cross site request forgery and SQL injection vulnerabilities. Solution Upgrade the plugin...

2.5AI score
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2014/08/01 10:58 a.m.8 views

Flexi Quote Rotator - Cross-Site Request Forgery & SQL Injection Vulnerabilities

The Flexi Quote Rotator WordPress plugin was affected by a Cross-Site Request Forgery & SQL Injection Vulnerabilities security vulnerability...

2.6AI score
Exploits0Affected Software1
Rows per page
Query Builder