Lucene search
K

210 matches found

Vulnrichment
Vulnrichment
added 2024/10/17 7:35 p.m.18 views

CVE-2024-49248 WordPress Ad Inserter plugin <= 2.7.37 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Spacetime Ad Inserter ad-inserter allows Reflected XSS.This issue affects Ad Inserter: from n/a through = 2.7.37...

7.1CVSS5.2AI score0.00328EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/10/17 7:35 p.m.21 views

CVE-2024-49248 WordPress Ad Inserter plugin <= 2.7.37 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Spacetime Ad Inserter ad-inserter allows Reflected XSS.This issue affects Ad Inserter: from n/a through = 2.7.37...

7.1CVSS0.00328EPSS
Exploits0References1
CVE
CVE
added 2024/10/17 7:35 p.m.50 views

CVE-2024-49248

CVE-2024-49248 affects WordPress Ad Inserter plugin (versions

7.1CVSS5.9AI score0.00328EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/10/17 12:0 a.m.2 views

WordPress plugin Ad Inserter 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin ... A cross-site...

7.1CVSS6AI score0.00328EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/10/17 12:0 a.m.6 views

PT-2024-33386 · Unknown · Ad Inserter

Name of the Vulnerable Software and Affected Versions: Ad Inserter versions n/a through 2.7.37 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Reflected XSS. Recommendations: For versions n/a...

7.1CVSS6.5AI score0.00328EPSS
Exploits0References4
Patchstack
Patchstack
added 2024/10/14 11:56 a.m.3 views

WordPress Ad Inserter plugin <= 2.7.37 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin Ad Inserter versions = 2.7.37...

7.1CVSS6.1AI score0.00328EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/10/14 12:0 a.m.9 views

WordPress Ad Inserter Plugin <= 2.7.37 is vulnerable to Cross Site Scripting (XSS)

Software Ad Inserter Type Plugin Vulnerable versions = 2.7.37 Fixed in 2.7.38 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-49248 Patch priority Medium CVSS severity Medium 7.1 Developer Igor Funa PSID d47d8c812c52 Credits Rafie Muhammad Patchstack Required...

7.1CVSS6.8AI score0.00328EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2024/08/13 12:0 a.m.4 views

PT-2024-40839 · Unknown · Javaparser

Name of the Vulnerable Software and Affected Versions: JavaParser affected versions not specified Description: The issue is related to a security exception in the CommentsInserter class. The crash occurs in the insertComments function, which is part of the JavaParser library. The error is also...

6.9AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/05/30 12:0 a.m.5 views

PT-2024-40787 · Unknown · Javaparser

Name of the Vulnerable Software and Affected Versions: JavaParser affected versions not specified Description: The issue is related to a security exception in the CommentsInserter class. The crash occurs in the insertComments function, which is part of the JavaParser library. The error is also...

6.9AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/05/20 12:0 a.m.6 views

PT-2024-40780 · Unknown · Javaparser

Name of the Vulnerable Software and Affected Versions: JavaParser affected versions not specified Description: A security exception crash has been reported. The crash involves the insertComments function in com.github.javaparser.CommentsInserter, and the equals methods in...

7AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/05/08 12:0 a.m.4 views

PT-2024-40768 · Oracle · Java.Base

Name of the Vulnerable Software and Affected Versions: com.github.javaparser affected versions not specified Description: The issue is related to a security exception. Technical details about the crash include the insertComments function in com.github.javaparser.CommentsInserter, as well as the...

6.9AI score
Exploits0References2
Patchstack
Patchstack
added 2024/03/29 12:0 a.m.8 views

WordPress AdsPlace'r – Ad Manager, Inserter, AdSense Ads Plugin <= 1.1.5 is vulnerable to Cross Site Scripting (XSS)

Software AdsPlace'r – Ad Manager, Inserter, AdSense Ads Type Plugin Vulnerable versions = 1.1.5 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-31088 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID f29b9c4efc4a Credits Dim...

6.6AI score0.00182EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2024/03/01 5:15 p.m.1 views

CVE-2024-2073

A vulnerability has been found in SourceCodester Block Inserter for Dynamic Content 1.0 and classified as critical. This vulnerability affects unknown code of the file viewpost.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has...

8.8CVSS5.7AI score0.00692EPSS
Exploits1References3
Prion
Prion
added 2024/03/01 5:15 p.m.12 views

Sql injection

A vulnerability has been found in SourceCodester Block Inserter for Dynamic Content 1.0 and classified as critical. This vulnerability affects unknown code of the file viewpost.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has...

6.5CVSS7.9AI score0.00692EPSS
Exploits1References3
CVE
CVE
added 2024/03/01 5:0 p.m.75 views

CVE-2024-2073

CVE-2024-2073 affects SourceCodester Block Inserter for Dynamic Content 1.0, with a SQL injection in the view_post.php file triggered by the id parameter. The vulnerability is exploitable remotely and public exploits are reported; multiple sources (Red Hat, CVE boards, vulnerability catalogs) con...

8.8CVSS6.9AI score0.00692EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2024/03/01 5:0 p.m.33 views

CVE-2024-2073 SourceCodester Block Inserter for Dynamic Content view_post.php sql injection

A vulnerability has been found in SourceCodester Block Inserter for Dynamic Content 1.0 and classified as critical. This vulnerability affects unknown code of the file viewpost.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has...

6.5CVSS7.2AI score0.00692EPSS
Exploits1References3
CNNVD
CNNVD
added 2024/03/01 12:0 a.m.5 views

Block Inserter for Dynamic Content SQL Injection Vulnerability

Block Inserter for Dynamic Content is a simple web application by oretnom23 Individual Developer for inserting one or more blocks into site pages with dynamic content. A SQL injection vulnerability exists in Block Inserter for Dynamic Content version 1.0, which stems from an SQL injection issue i...

8.8CVSS7.9AI score0.00692EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2024/03/01 12:0 a.m.4 views

PT-2024-18698 · Unknown · Sourcecodester Block Inserter For Dynamic Content

Name of the Vulnerable Software and Affected Versions: SourceCodester Block Inserter for Dynamic Content version 1.0 Description: A critical issue has been discovered, affecting the view post.php file. The manipulation of the id argument leads to SQL injection. This issue can be initiated remotel...

8.8CVSS7.9AI score0.00692EPSS
Exploits1References4
VulnCheck KEV
VulnCheck KEV
added 2023/11/27 12:0 a.m.2 views

VulnCheck KEV: CVE-2018-3810

Authentication Bypass vulnerability in the Oturia Smart Google Code Inserter plugin before 3.5 for WordPress allows unauthenticated attackers to insert arbitrary JavaScript or HTML code via the sgcgoogleanalytic parameter that runs on all pages served by WordPress. The saveGoogleCode function...

9.8CVSS7.5AI score0.91477EPSS
Exploits5References1
NVD
NVD
added 2023/10/20 8:15 a.m.30 views

CVE-2023-4668

The Ad Inserter for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 2.7.30 via the ai-debug-processing-fe URL parameter. This can allow unauthenticated attackers to extract sensitive data including installed plugins present and active, active theme,...

7.5CVSS6AI score0.00512EPSS
Exploits0References2
Rows per page
Query Builder