Lucene search
K

11 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-11639

Malicious code in bioql PyPI...

7.1CVSS9.2AI score0.00235EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/04/25 4:52 p.m.11 views

CVE-2025-27337

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in kontur Fontsampler fontsampler allows Reflected XSS.This issue affects Fontsampler: from n/a through = 0.4.14...

7.1CVSS7.2AI score0.00235EPSS
Exploits0References1
NVD
NVD
added 2025/04/17 4:15 p.m.10 views

CVE-2025-27337

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in kontur Fontsampler fontsampler allows Reflected XSS.This issue affects Fontsampler: from n/a through = 0.4.14...

7.1CVSS0.00235EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/04/17 3:47 p.m.4 views

CVE-2025-27337 WordPress Fontsampler Plugin <= 0.4.14 - CSRF to Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in kontur Fontsampler fontsampler allows Reflected XSS.This issue affects Fontsampler: from n/a through = 0.4.14...

7.1CVSS8.6AI score0.00235EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/04/17 3:47 p.m.16 views

CVE-2025-27337 WordPress Fontsampler Plugin <= 0.4.14 - CSRF to Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in kontur Fontsampler fontsampler allows Reflected XSS.This issue affects Fontsampler: from n/a through = 0.4.14...

7.1CVSS0.00235EPSS
Exploits0References1
CVE
CVE
added 2025/04/17 3:47 p.m.42 views

CVE-2025-27337

CVE-2025-27337 is a WordPress Fontsampler plugin vulnerability: CSRF-enabled, leading to a reflected Cross-Site Scripting (XSS) in Fontsampler versions up to and including 0.4.14. The issue arises from improper input neutralization during web page generation, enabling an attacker to trigger XSS w...

7.1CVSS7.2AI score0.00235EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/04/17 12:0 a.m.2 views

WordPress plugin Fontsampler 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin ... A cross-site...

7.1CVSS8.2AI score0.00235EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/04/17 12:0 a.m.5 views

PT-2025-17072 · Unknown · Kontur Fontsampler

Name of the Vulnerable Software and Affected Versions: kontur Fontsampler versions 0.4.14 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Reflected XSS. This means that an attacker can...

7.1CVSS9.1AI score0.00235EPSS
Exploits0References3
Patchstack
Patchstack
added 2025/02/21 12:0 a.m.3 views

WordPress Fontsampler Plugin <= 0.4.14 - CSRF to Reflected Cross Site Scripting (XSS) vulnerability

CSRF to Reflected Cross Site Scripting XSS vulnerability discovered by Nguyen Xuan Chien in WordPress Plugin Fontsampler versions = 0.4.14...

7.1CVSS6.1AI score0.00235EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2021/06/30 12:0 a.m.14 views

Fontsampler < 0.4.13 - CSRF to Authenticated Reflected Cross-Site Scripting (XSS)

The plugin did not properly check for CSRF and authorisation in its ajaxgetmockfontsampler AJAX action, which could lead to an authenticated reflected XSS issue as user input was then output without being sanitised first. PoC POST /wp-admin/admin-ajax.php HTTP/1.1 Accept: / Accept-Language:...

1.9AI score
Exploits0Affected Software1
wpexploit
wpexploit
added 2021/06/30 12:0 a.m.121 views

Fontsampler < 0.4.13 - CSRF to Authenticated Reflected Cross-Site Scripting (XSS)

The plugin did not properly check for CSRF and authorisation in its ajaxgetmockfontsampler AJAX action, which could lead to an authenticated reflected XSS issue as user input was then output without being sanitised first. POST /wp-admin/admin-ajax.php HTTP/1.1 Accept: / Accept-Language:...

0.2AI score
Exploits0
Rows per page
Query Builder