Lucene search
K

20 matches found

CVE
CVE
added yesterday5 views

CVE-2026-57351

CVE-2026-57351 affects the WordPress plugin HandL UTM Grabber up to version 2.9.2, with an unauthenticated XSS vulnerability. The connected documents provide the vulnerability type and affected software but do not supply root cause specifics, exploit details, or a remediation. CVSS data (3.1) fro...

7.1CVSS5.8AI score
Exploits0References1
Cvelist
Cvelist
added yesterday5 views

CVE-2026-57351 WordPress HandL UTM Grabber plugin <= 2.9.2 - Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting XSS in HandL UTM Grabber = 2.9.2 versions...

7.1CVSS
Exploits0References1
Patchstack
Patchstack
added 2025/12/15 6:6 p.m.12 views

WordPress HandL UTM Grabber / Tracker plugin <= 2.8.0 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by Alex Tselevich nos3curity in WordPress Plugin HandL UTM Grabber versions = 2.8.0...

7.1CVSS6.1AI score0.00145EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2025/12/11 6:3 a.m.19 views

CVE-2025-13072

The HandL UTM Grabber / Tracker WordPress plugin before 2.8.1 does not sanitize and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

7.1CVSS6AI score0.00145EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/10 6:30 a.m.5 views

EUVD-2025-202398

The HandL UTM Grabber / Tracker WordPress plugin before 2.8.1 does not sanitize and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

7.1CVSS5.6AI score0.00145EPSS
Exploits0References2
CVE
CVE
added 2025/12/10 6:0 a.m.15 views

CVE-2025-13073

CVE-2025-13073 refers to the HandL UTM Grabber / Tracker WordPress plugin (versions before 2.8.1). The issue is a Reflected Cross‑Site Scripting flaw where a parameter is output without proper sanitization/escaping, enabling an attacker to potentially affect high‑privilege users (e.g., admin). Af...

7.1CVSS5.7AI score0.00145EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/10 6:0 a.m.26 views

CVE-2025-13073 HandL UTM Grabber / Tracker < 2.8.1 - Reflected XSS via handl_landing_page

The HandL UTM Grabber / Tracker WordPress plugin before 2.8.1 does not sanitize and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

0.00145EPSS
Exploits0References1
CVE
CVE
added 2025/12/10 6:0 a.m.21 views

CVE-2025-13072

The HandL UTM Grabber / Tracker WordPress plugin (versions prior to 2.8.1) is affected by CVE-2025-13072 due to improper sanitization/escaping of a parameter before it is reflected back on the page, enabling a Reflected XSS that could target high-privilege users such as admins. The issue is confi...

7.1CVSS5.7AI score0.00145EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/10 6:0 a.m.2 views

CVE-2025-13072 HandL UTM Grabber / Tracker < 2.8.1 - Reflected XSS via utm_source

The HandL UTM Grabber / Tracker WordPress plugin before 2.8.1 does not sanitize and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

5.7AI score0.00145EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/10 6:0 a.m.25 views

CVE-2025-13072 HandL UTM Grabber / Tracker < 2.8.1 - Reflected XSS via utm_source

The HandL UTM Grabber / Tracker WordPress plugin before 2.8.1 does not sanitize and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

0.00145EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/12/10 12:0 a.m.5 views

WordPress plugin HandL UTM Grabber / Tracker 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plug-in. A security...

7.1CVSS5.9AI score0.00145EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2019-6693

Malware in sbrugna...

8.8CVSS8.8AI score0.00799EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/05/22 8:31 a.m.8 views

CVE-2019-15769

The handl-utm-grabber plugin before 2.6.5 for WordPress has CSRF via addoption and updateoption...

8.8CVSS7.1AI score0.00799EPSS
Exploits0References1
CNVD
CNVD
added 2019/08/30 12:0 a.m.3 views

WordPress handl-utm-grabber cross-site request forgery vulnerability

WordPress is a blogging platform from the WordPress Foundation developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. handl-utm-grabber is a plugin used in it to add hidden fields to forms and capture UTM variables. A cross-site request forgery...

8.8CVSS6.7AI score0.00799EPSS
Exploits0References1
NVD
NVD
added 2019/08/29 12:15 p.m.26 views

CVE-2019-15769

The handl-utm-grabber plugin before 2.6.5 for WordPress has CSRF via addoption and updateoption...

8.8CVSS8.8AI score0.00799EPSS
Exploits0References3
OSV
OSV
added 2019/08/29 12:15 p.m.3 views

CVE-2019-15769

The handl-utm-grabber plugin before 2.6.5 for WordPress has CSRF via addoption and updateoption...

8.8CVSS7.3AI score0.00799EPSS
Exploits0References3
Prion
Prion
added 2019/08/29 12:15 p.m.13 views

Cross site request forgery (csrf)

The handl-utm-grabber plugin before 2.6.5 for WordPress has CSRF via addoption and updateoption...

6.8CVSS8.8AI score0.00799EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2019/08/29 11:21 a.m.27 views

CVE-2019-15769

The handl-utm-grabber plugin before 2.6.5 for WordPress has CSRF via addoption and updateoption...

8.9AI score0.00799EPSS
Exploits0References3
CVE
CVE
added 2019/08/29 11:21 a.m.57 views

CVE-2019-15769

The CVE-2019-15769 entry concerns the WordPress plugin HandL UTM Grabber, affected prior to version 2.6.5. The vulnerability is described as a cross-site request forgery (CSRF) via add_option and update_option, effectively an authenticated option change vulnerability. Root cause details across so...

8.8CVSS8.8AI score0.00799EPSS
Exploits0References3Affected Software1
WPVulnDB
WPVulnDB
added 2019/08/27 12:0 a.m.20 views

HandL UTM Grabber < 2.6.5 - Authenticated Option Change via CSRF

The HandL UTM Grabber / Tracker WordPress plugin was affected by an Authenticated Option Change via CSRF security vulnerability...

6.8CVSS2.9AI score0.00799EPSS
Exploits0Affected Software1
Rows per page
Query Builder