Lucene search
K

588 matches found

CVE
CVE
added 2022/06/24 6:45 a.m.36 views

CVE-2017-20095

CVE-2017-20095 affects the WordPress plugin Simple Ads Manager . The connected sources describe a remote, network-exploitable vulnerability that leads to code injection due to manipulation of unknown code. Public documentation labels it as critical/high impact (e.g., NVD CVSS v3.1 base score 9.8,...

9.8CVSS8.2AI score0.0087EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2022/06/24 6:45 a.m.19 views

CVE-2017-20095 Simple Ads Manager Plugin code injection

A vulnerability classified as critical was found in Simple Ads Manager Plugin. This vulnerability affects unknown code. The manipulation leads to code injection. The attack can be initiated remotely...

6.3CVSS9.8AI score0.0087EPSS
Exploits1References2
CVE
CVE
added 2022/06/24 6:45 a.m.48 views

CVE-2017-20093

CVE-2017-20093 affects WordPress Plugin Download Manager (version 2.8.99). Multiple sources describe a cross-site request forgery vulnerability in an unspecified/unknown function, with remote exploitation possible. No concrete patch/version remediation is stated in the provided documents; further...

4.3CVSS4.6AI score0.00446EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2022/06/24 6:45 a.m.20 views

CVE-2017-20093 Download Manager Plugin cross-site request forgery

A vulnerability, which was classified as problematic, was found in Download Manager Plugin 2.8.99. Affected is an unknown function. The manipulation leads to cross-site request forgery. It is possible to launch the attack remotely...

4.3CVSS4.7AI score0.00446EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2022/06/24 6:45 a.m.5 views

CVE-2017-20093 Download Manager Plugin cross-site request forgery

A vulnerability, which was classified as problematic, was found in Download Manager Plugin 2.8.99. Affected is an unknown function. The manipulation leads to cross-site request forgery. It is possible to launch the attack remotely...

4.3CVSS7AI score0.00446EPSS
Exploits1References2
OSV
OSV
added 2022/06/23 5:15 a.m.3 views

CVE-2017-20091

A vulnerability was found in File Manager Plugin 3.0.1. It has been classified as problematic. This affects an unknown part. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely...

6.5CVSS4.7AI score0.00403EPSS
Exploits1References2
NVD
NVD
added 2022/06/23 5:15 a.m.15 views

CVE-2017-20091

A vulnerability was found in File Manager Plugin 3.0.1. It has been classified as problematic. This affects an unknown part. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely...

6.5CVSS0.00403EPSS
Exploits1References2
Prion
Prion
added 2022/06/23 5:15 a.m.16 views

Cross site request forgery (csrf)

A vulnerability was found in File Manager Plugin 3.0.1. It has been classified as problematic. This affects an unknown part. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely...

4.3CVSS6.4AI score0.00403EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2022/06/23 4:20 a.m.7 views

CVE-2017-20091 File Manager Plugin cross-site request forgery

A vulnerability was found in File Manager Plugin 3.0.1. It has been classified as problematic. This affects an unknown part. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely...

4.3CVSS7AI score0.00403EPSS
Exploits1References2
Cvelist
Cvelist
added 2022/06/23 4:20 a.m.17 views

CVE-2017-20091 File Manager Plugin cross-site request forgery

A vulnerability was found in File Manager Plugin 3.0.1. It has been classified as problematic. This affects an unknown part. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely...

4.3CVSS6.5AI score0.00403EPSS
Exploits1References2
CVE
CVE
added 2022/06/23 4:20 a.m.38 views

CVE-2017-20091

The CVE-2017-20091 entry concerns the WordPress File Manager Plugin version 3.0.1, where a cross-site request forgery (CSRF) vulnerability exists due to missing or improper request/token validation. The issue enables remote initiation of CSRF actions against the plugin, with the attack affecting ...

6.5CVSS5.3AI score0.00403EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2022/06/16 1:15 p.m.16 views

Cross site request forgery (csrf)

A vulnerability was found in XYZScripts Contact Form Manager Plugin. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The exploit has been disclosed to the...

4.3CVSS4.7AI score0.00561EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2022/06/16 12:20 p.m.4 views

CVE-2017-20054 XYZScripts Contact Form Manager Plugin cross site scriting

A vulnerability was found in XYZScripts Contact Form Manager Plugin. It has been rated as problematic. Affected by this issue is some unknown functionality. The manipulation leads to basic cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and...

3.5CVSS5.4AI score0.00776EPSS
Exploits1References3
CVE
CVE
added 2022/06/16 12:20 p.m.35 views

CVE-2017-20054

CVE-2017-20054 concerns a basic cross-site scripting vulnerability in the XYZScripts Contact Form Manager Plugin (WordPress ecosystem). The issue affects an unspecified portion of functionality, can be triggered remotely, and the exploit has been disclosed publicly. The connected records confirm ...

5.4CVSS4.3AI score0.00776EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2022/06/16 12:20 p.m.24 views

CVE-2017-20054 XYZScripts Contact Form Manager Plugin cross site scriting

A vulnerability was found in XYZScripts Contact Form Manager Plugin. It has been rated as problematic. Affected by this issue is some unknown functionality. The manipulation leads to basic cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and...

3.5CVSS5.2AI score0.00776EPSS
Exploits1References3
CVE
CVE
added 2022/06/15 1:14 p.m.65 views

CVE-2022-29406

CVE-2022-29406 affects the DynamicWebLab WordPress Team Manager plugin

5.4CVSS4.9AI score0.00585EPSS
Exploits1References2Affected Software1
CNVD
CNVD
added 2022/06/15 12:0 a.m.18 views

WordPress Useful Banner Manager plugin跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin. WordPress Useful Banner Manager plugin version 1.6.1 and earlier versions are vulnerable to cross-site reques...

4.3CVSS2.9AI score0.00513EPSS
Exploits2Affected Software1
NVD
NVD
added 2022/06/13 1:15 p.m.13 views

CVE-2022-1985

The Download Manager Plugin for WordPress is vulnerable to reflected Cross-Site Scripting in versions up to, and including 3.2.42. This is due to insufficient input sanitization and output escaping on the 'frameid' parameter found in the /src/Package/views/shortcode-iframe.php file...

6.1CVSS0.01138EPSS
Exploits3References5
CVE
CVE
added 2022/06/13 12:44 p.m.75 views

CVE-2022-1985

CVE-2022-1985 affects WordPress Download Manager plugin up to version 3.2.42. The vulnerability is a reflected Cross-Site Scripting due to insufficient sanitization/escaping of the frameid parameter in the shortcode-iframe.php file. Impact described as XSS; no exploit details provided in the init...

6.1CVSS5.8AI score0.01138EPSS
Exploits3References5Affected Software1
Positive Technologies
Positive Technologies
added 2022/06/13 12:0 a.m.5 views

PT-2022-14237 · WordPress · Download Manager Plugin

Name of the Vulnerable Software and Affected Versions: Download Manager Plugin for WordPress versions up to, and including 3.2.42 Description: The issue is related to reflected Cross-Site Scripting due to insufficient input sanitization and output escaping on the frameid parameter found in the...

6.1CVSS5.9AI score0.01138EPSS
Exploits3References8
Rows per page
Query Builder