Lucene search
K

25 matches found

Cvelist
Cvelist
added 2026/01/09 11:15 a.m.29 views

CVE-2025-11453 Header and Footer Scripts <= 2.3.0 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Header and Footer Scripts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the inpostheadscript parameter in all versions up to, and including, 2.3.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

6.4CVSS0.00235EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/01/09 12:0 a.m.8 views

PT-2026-1694

Name of the Vulnerable Software and Affected Versions Header and Footer Scripts plugin for WordPress versions up to and including 2.2.2 Description The Header and Footer Scripts plugin for WordPress is susceptible to Stored Cross-Site Scripting through the inpost head script parameter. Insufficie...

6.4CVSS5.1AI score0.00235EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/01/09 12:0 a.m.7 views

WordPress plugin Header and Footer Scripts 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...

6.4CVSS5.8AI score0.00235EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.2 views

EUVD-2024-52109

Malicious code in bioql PyPI...

7.1CVSS8.9AI score0.00152EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2025-14789

Malicious code in bioql PyPI...

6.5CVSS7.3AI score0.00252EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/04/05 2:37 p.m.12 views

CVE-2025-31091

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CreativeMindsSolutions CM Header and Footer cm-header-footer-script-loader allows Stored XSS.This issue affects CM Header and Footer: from n/a through = 1.2.4...

6.5CVSS7.2AI score0.00252EPSS
Exploits0References1
NVD
NVD
added 2025/04/03 2:15 p.m.7 views

CVE-2025-31091

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CreativeMindsSolutions CM Header and Footer cm-header-footer-script-loader allows Stored XSS.This issue affects CM Header and Footer: from n/a through = 1.2.4...

6.5CVSS0.00252EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/04/03 1:27 p.m.5 views

CVE-2025-31091 WordPress CM Header and Footer plugin <= 1.2.4 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CreativeMindsSolutions CM Header and Footer cm-header-footer-script-loader allows Stored XSS.This issue affects CM Header and Footer: from n/a through = 1.2.4...

6.5CVSS8.6AI score0.00252EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/04/03 12:0 a.m.5 views

WordPress plugin CreativeMindsSolutions CM Header and Footer 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

6.5CVSS6.7AI score0.00252EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/02/03 4:18 p.m.6 views

WordPress CM Header & Footer Script Loader plugin <= 1.2.2 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Peter Thaleikis Patchstack Alliance in WordPress Plugin CM Header and Footer versions = 1.2.2...

7.1CVSS6.1AI score0.00363EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/02/03 3:28 p.m.5 views

WordPress CM Header & Footer Script Loader plugin <= 1.2.0 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin CM Header and Footer versions = 1.2.0...

7.1CVSS6.1AI score0.00363EPSS
Exploits0Affected Software1
NVD
NVD
added 2024/12/02 2:15 p.m.18 views

CVE-2024-53777

Cross-Site Request Forgery CSRF vulnerability in Alberto Reineri Simple Header and Footer simple-header-and-footer allows Stored XSS.This issue affects Simple Header and Footer: from n/a through = 1.0.0...

7.1CVSS0.00152EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/12/02 1:48 p.m.5 views

CVE-2024-53777 WordPress Simple Header and Footer plugin <= 1.0.0 - CSRF to Stored Cross Site Scripting (XSS) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Alberto Reineri Simple Header and Footer allows Stored XSS.This issue affects Simple Header and Footer: from n/a through 1.0.0...

7.1CVSS6.8AI score0.00152EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/12/02 1:48 p.m.17 views

CVE-2024-53777 WordPress Simple Header and Footer plugin <= 1.0.0 - CSRF to Stored Cross Site Scripting (XSS) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Alberto Reineri Simple Header and Footer simple-header-and-footer allows Stored XSS.This issue affects Simple Header and Footer: from n/a through = 1.0.0...

7.1CVSS0.00152EPSS
Exploits0References1
CVE
CVE
added 2024/12/02 1:48 p.m.37 views

CVE-2024-53777

CVE-2024-53777 describes a CSRF-to-Stored XSS vulnerability in the WordPress plugin Simple Header and Footer (versions n/a through 1.0.0). Affected component is the Simple Header and Footer plugin for WordPress; root cause is CSRF enabling stored script execution, potentially impacting users of t...

7.1CVSS7.2AI score0.00152EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/11/28 2:39 p.m.6 views

WordPress Simple Header and Footer plugin <= 1.0.0 - CSRF to Stored Cross Site Scripting (XSS) vulnerability

CSRF to Stored Cross Site Scripting XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin Simple Header and Footer versions = 1.0.0...

7.1CVSS5.9AI score0.00152EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/11/25 9:52 p.m.5 views

WordPress CM Header & Footer Script Loader plugin <= 1.2.1 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by Peter Thaleikis in WordPress Plugin CM Header and Footer versions = 1.2.1...

6.1CVSS6.3AI score0.00584EPSS
Exploits0References1Affected Software1
Github Security Blog
Github Security Blog
added 2023/10/24 12:31 a.m.37 views

Concrete CMS Cross-site Scripting vulnerability

Multiple Cross Site Scripting XSS vulnerabilities in Concrete CMS v.9.2.1 allow an attacker to execute arbitrary code via a crafted script to the Header and Footer Tracking Codes of the SEO & Statistics...

4.8CVSS6.8AI score0.00637EPSS
Exploits2References5Affected Software1
Cvelist
Cvelist
added 2023/10/23 12:0 a.m.51 views

CVE-2023-44760

Multiple Cross Site Scripting XSS vulnerabilities in Concrete CMS v.9.2.1 allow an attacker to execute arbitrary code via a crafted script to the Header and Footer Tracking Codes of the SEO & Statistics. NOTE: the vendor disputes this because these header/footer changes can only be made by an...

5.6AI score0.00637EPSS
Exploits1References3
Veracode
Veracode
added 2023/05/30 8:9 a.m.22 views

Cross-Site Scripting (XSS)

moodle/moodle is vulnerable to Cross-Site Scripting XSS. The vulnerability is due to a lack of sanitization in the Header and Footer parameter in settings.php which allows an attacker to inject and execute arbitrary JavaScript into the browser...

5.4CVSS6.5AI score0.00686EPSS
Exploits1References5Affected Software1
Rows per page
Query Builder