Lucene search
K

212 matches found

NVD
NVD
added 2024/01/08 6:15 p.m.17 views

CVE-2023-52225

Deserialization of Untrusted Data vulnerability in Tagbox Tagbox – UGC Galleries, Social Media Widgets, User Reviews & Analytics.This issue affects Tagbox – UGC Galleries, Social Media Widgets, User Reviews & Analytics: from n/a through 3.1...

10CVSS9.6AI score0.00645EPSS
Exploits0References1
OSV
OSV
added 2024/01/08 6:15 p.m.5 views

CVE-2023-52225

Deserialization of Untrusted Data vulnerability in Tagbox Tagbox – UGC Galleries, Social Media Widgets, User Reviews & Analytics.This issue affects Tagbox – UGC Galleries, Social Media Widgets, User Reviews & Analytics: from n/a through 3.1...

9.8CVSS7.3AI score0.00645EPSS
Exploits0References1
Prion
Prion
added 2024/01/08 6:15 p.m.15 views

Deserialization of untrusted data

Deserialization of Untrusted Data vulnerability in Tagbox Tagbox – UGC Galleries, Social Media Widgets, User Reviews & Analytics.This issue affects Tagbox – UGC Galleries, Social Media Widgets, User Reviews & Analytics: from n/a through 3.1...

7.5CVSS7.2AI score0.00645EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2024/01/08 5:13 p.m.53 views

CVE-2023-52225

CVE-2023-52225 describes a deserialization of untrusted data vulnerability in the WordPress plugin Tagbox – UGC Galleries, Social Media Widgets, User Reviews & Analytics . Affected versions are listed as up to version 3.1 (n/a to 3.1); the root cause is improper deserialization of untrusted input...

10CVSS8.6AI score0.00645EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2024/01/08 12:0 a.m.4 views

PT-2024-14489 · Unknown · Tagbox – Ugc Galleries

Name of the Vulnerable Software and Affected Versions: Tagbox – UGC Galleries, Social Media Widgets, User Reviews & Analytics versions n/a through 3.1 Description: The issue is related to Deserialization of Untrusted Data, which affects Tagbox – UGC Galleries, Social Media Widgets, User Reviews &...

10CVSS9.2AI score0.00645EPSS
Exploits0References5
OSV
OSV
added 2023/12/20 2:15 p.m.3 views

CVE-2023-41796

Authorization Bypass Through User-Controlled Key vulnerability in WP Sunshine Sunshine Photo Cart: Free Client Galleries for Photographers.This issue affects Sunshine Photo Cart: Free Client Galleries for Photographers: from n/a before 3.0.0...

6.5CVSS5.8AI score
Exploits0References1
CVE
CVE
added 2023/12/20 1:42 p.m.50 views

CVE-2023-41796

The Sunshine Photo Cart plugin for WordPress (Sunshine Photo Cart: Free Client Galleries for Photographers) is affected by CVE-2023-41796. Affected versions are before 3.0.0 and the root cause is Insecure Direct Object References (IDOR) caused by authorization bypass via a user-controlled key, en...

6.5CVSS7.1AI score0.00359EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2023/12/18 4:15 p.m.11 views

CVE-2023-33214

Cross-Site Request Forgery CSRF vulnerability in Tagbox Tagbox – UGC Galleries, Social Media Widgets, User Reviews & Analytics.This issue affects Tagbox – UGC Galleries, Social Media Widgets, User Reviews & Analytics: from n/a through 3.1...

8.8CVSS0.00254EPSS
Exploits0References1
OSV
OSV
added 2023/12/18 4:15 p.m.6 views

CVE-2023-33214

Cross-Site Request Forgery CSRF vulnerability in Tagbox Tagbox – UGC Galleries, Social Media Widgets, User Reviews & Analytics.This issue affects Tagbox – UGC Galleries, Social Media Widgets, User Reviews & Analytics: from n/a through 3.1...

8.8CVSS7.3AI score0.00254EPSS
Exploits0References1
Prion
Prion
added 2023/12/18 4:15 p.m.17 views

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in Tagbox Tagbox – UGC Galleries, Social Media Widgets, User Reviews & Analytics.This issue affects Tagbox – UGC Galleries, Social Media Widgets, User Reviews & Analytics: from n/a through 3.1...

6.8CVSS7.2AI score0.00254EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/12/18 3:48 p.m.24 views

CVE-2023-33214 WordPress Taggbox Plugin <= 3.1 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in Tagbox Tagbox – UGC Galleries, Social Media Widgets, User Reviews & Analytics.This issue affects Tagbox – UGC Galleries, Social Media Widgets, User Reviews & Analytics: from n/a through 3.1...

5.4CVSS8.9AI score0.00254EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/12/18 3:48 p.m.17 views

CVE-2023-33214 WordPress Taggbox Plugin <= 3.1 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in Tagbox Tagbox – UGC Galleries, Social Media Widgets, User Reviews & Analytics.This issue affects Tagbox – UGC Galleries, Social Media Widgets, User Reviews & Analytics: from n/a through 3.1...

5.4CVSS7AI score0.00254EPSS
Exploits0References1
CVE
CVE
added 2023/12/18 3:48 p.m.83 views

CVE-2023-33214

CVE-2023-33214 is a Cross-Site Request Forgery (CSRF) vulnerability affecting the WordPress Taggbox widget/plugin (Taggbox – UGC Galleries, Social Media Widgets, User Reviews & Analytics). Public records tie this to the Taggbox WordPress plugin, with vulnerable versions cited as up to and includi...

8.8CVSS8.5AI score0.00254EPSS
Exploits0References1Affected Software1
Openbugbounty
Openbugbounty
added 2023/12/11 1:15 a.m.3 views

reproduction-galleries.com Improper Access Control vulnerability OBB-3809004

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

7AI score
Exploits0
NVD
NVD
added 2023/11/22 4:15 p.m.30 views

CVE-2023-4686

The WP Customer Reviews plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 3.6.6 via the ajaxenabledposts function. This can allow authenticated attackers to extract sensitive data such as post titles and slugs, including those of protected and...

4.3CVSS0.00524EPSS
Exploits0References3
Prion
Prion
added 2023/11/22 4:15 p.m.25 views

Information disclosure

The WP Customer Reviews plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 3.6.6 via the ajaxenabledposts function. This can allow authenticated attackers to extract sensitive data such as post titles and slugs, including those of protected and...

4CVSS6.7AI score0.00524EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2023/10/30 1:48 p.m.62 views

CVE-2023-5583

CVE-2023-5583 affects WP Simple Galleries for WordPress (≤ v1.34). The vulnerability is a PHP Object Injection via deserialization of untrusted input from the wpsimplegallery_gallery post meta through the wpsgallery shortcode. It requires contributor-level permissions or higher and could enable a...

8.8CVSS8.8AI score0.01019EPSS
Exploits1References2Affected Software1
CNNVD
CNNVD
added 2023/10/30 12:0 a.m.3 views

WordPress Plugin WP Simple Galleries Code Issue Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code issue vulnerability...

8.8CVSS7.5AI score0.01019EPSS
Exploits1References3
Patchstack
Patchstack
added 2023/10/29 12:0 a.m.10 views

WordPress WP Simple Galleries Plugin <= 1.34 is vulnerable to PHP Object Injection

Software WP Simple Galleries Type Plugin Vulnerable versions = 1.34 Fixed in N/A OWASP Top 10 A1: Injection Classification PHP Object Injection CVE CVE-2023-5583 Patch priority Low CVSS severity Low 8.8 Developer Claim ownership PSID fbbcc5df46bc Credits István Márton Required privilege Contribut...

8.8CVSS6.8AI score0.01019EPSS
Exploits1References2Affected Software1
Openbugbounty
Openbugbounty
added 2023/10/25 1:57 p.m.10 views

nationalgalleries.org Cross Site Scripting vulnerability OBB-3765325

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.1AI score
Exploits0
Rows per page
Query Builder