Lucene search
K

11 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2021-25705

Malware in sbrugna...

5.5CVSS5.2AI score0.01045EPSS
Exploits1References4
BDU FSTEC
BDU FSTEC
added 2021/10/27 12:0 a.m.10 views

The vulnerability of the ~/admin/class-kjm-admin-notices-admin.php component of the KJM Admin Notices plugin for WordPress content management system allows a hacker to perform cross-site scripting attacks.

The vulnerability of the /admin/class-kjm-admin-notices-admin.php component of the KJM Admin Notices plugin for WordPress management systems of WordPress websites is related to the lack of measures taken to protect the website’s structure. Exploiting this vulnerability could allow a malicious act...

5.5CVSS5.3AI score0.01045EPSS
Exploits1References5Affected Software1
NVD
NVD
added 2021/10/15 1:15 p.m.9 views

CVE-2021-39344

The KJM Admin Notices WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and sanitization via several parameters found in the /admin/class-kjm-admin-notices-admin.php file which allowed attackers with administrative user access to inject arbitrary w...

5.5CVSS0.01045EPSS
Exploits1References3
OSV
OSV
added 2021/10/15 1:15 p.m.3 views

CVE-2021-39344

The KJM Admin Notices WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and sanitization via several parameters found in the /admin/class-kjm-admin-notices-admin.php file which allowed attackers with administrative user access to inject arbitrary w...

4.8CVSS5.8AI score0.01045EPSS
Exploits1References3
Prion
Prion
added 2021/10/15 1:15 p.m.10 views

Cross site scripting

The KJM Admin Notices WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and sanitization via several parameters found in the /admin/class-kjm-admin-notices-admin.php file which allowed attackers with administrative user access to inject arbitrary w...

2.1CVSS4.8AI score0.01045EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2021/10/15 12:15 p.m.15 views

CVE-2021-39344 KJM Admin Notices <= 2.0.1 Authenticated Stored Cross-Site Scripting

The KJM Admin Notices WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and sanitization via several parameters found in the /admin/class-kjm-admin-notices-admin.php file which allowed attackers with administrative user access to inject arbitrary w...

5.5CVSS5.4AI score0.01045EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2021/10/15 12:15 p.m.11 views

CVE-2021-39344 KJM Admin Notices <= 2.0.1 Authenticated Stored Cross-Site Scripting

The KJM Admin Notices WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and sanitization via several parameters found in the /admin/class-kjm-admin-notices-admin.php file which allowed attackers with administrative user access to inject arbitrary w...

5.5CVSS5.8AI score0.01045EPSS
Exploits1References3
CVE
CVE
added 2021/10/15 12:15 p.m.50 views

CVE-2021-39344

CVE-2021-39344: The KJM Admin Notices WordPress plugin (versions

5.5CVSS4.9AI score0.01045EPSS
Exploits1References3Affected Software1
CNNVD
CNNVD
added 2021/10/15 12:0 a.m.1 views

WordPress 插件 跨站脚本漏洞

WordPress Plugin is an open source application plugin for WordPress. A cross-site scripting vulnerability exists in the WordPress plugin KJM Admin Notices, which stems from insufficient input validation and cleanup of several parameters found in the /admin/class-kjm-admin-notices-admin.php file,...

5.5CVSS5AI score0.01045EPSS
Exploits1References5
WPVulnDB
WPVulnDB
added 2021/10/14 12:0 a.m.17 views

KJM Admin Notices <= 2.0.1 - Admin+ Stored Cross-Site Scripting

The plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and sanitization via several parameters found in the /admin/class-kjm-admin-notices-admin.php file which allowed attackers with administrative user access to inject arbitrary web scripts. This affects...

5.5CVSS4.4AI score0.01045EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2021/10/14 12:0 a.m.17 views

WordPress KJM Admin Notices plugin <= 2.0.1 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Thinkland Security Team in WordPress KJM Admin Notices plugin versions = 2.0.1. Solution Deactivate and delete. This plugin has been closed as of October 13, 2021 and is not available for download. This closure is temporary...

5.5CVSS1.9AI score0.01045EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder