Lucene search
K

141 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 7:42 a.m.9 views

CVE-2024-37958

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Meks Meks Smart Author Widget allows Stored XSS.This issue affects Meks Smart Author Widget: from n/a through 1.1.4...

6.5CVSS6.8AI score0.00359EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 1:56 a.m.4 views

CVE-2023-25989

Cross-Site Request Forgery CSRF vulnerability in Meks Video Importer, Meks Time Ago, Meks ThemeForest Smart Widget, Meks Smart Author Widget, Meks Audio Player, Meks Easy Maps, Meks Easy Photo Feed Widget, Meks Simple Flickr Widget, Meks Easy Ads Widget, Meks Smart Social Widget plugins leading t...

8.8CVSS6.9AI score0.00378EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:32 p.m.5 views

CVE-2022-2574

The Meks Easy Social Share WordPress plugin before 1.2.8 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

4.8CVSS5.6AI score0.00532EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:24 p.m.5 views

CVE-2021-24958

The Meks Easy Photo Feed Widget WordPress plugin before 1.2.4 does not have capability and CSRF checks in the mekssavebusinessselectedaccount AJAX action, available to any authenticated user, and does not escape some of the settings. As a result, any authenticated user, such as subscriber could...

5.4CVSS6.1AI score0.00591EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/09 3:26 p.m.5 views

CVE-2025-47621

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Meks Meks Flexible Shortcodes meks-flexible-shortcodes allows Stored XSS.This issue affects Meks Flexible Shortcodes: from n/a through = 1.3.6...

6.5CVSS7.2AI score0.00209EPSS
Exploits0References1
NVD
NVD
added 2025/05/07 3:16 p.m.16 views

CVE-2025-47621

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Meks Meks Flexible Shortcodes meks-flexible-shortcodes allows Stored XSS.This issue affects Meks Flexible Shortcodes: from n/a through = 1.3.6...

6.5CVSS0.00209EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/05/07 3:4 p.m.6 views

WordPress Meks Flexible Shortcodes plugin <= 1.3.6 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by muhammad yudha in WordPress Plugin Meks Flexible Shortcodes versions = 1.3.6...

6.5CVSS7.1AI score0.00209EPSS
Exploits0Affected Software1
CVE
CVE
added 2025/05/07 2:20 p.m.47 views

CVE-2025-47621

CVE-2025-47621 affects Meks Flexible Shortcodes (WordPress plugin), with stored XSS due to improper input neutralization in web page generation. Affected versions are 1.3.6 and earlier. The vulnerability was labeled patched in the Wordfence vulnerability details, indicating a fix is available, th...

6.5CVSS7.2AI score0.00209EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/05/07 2:20 p.m.6 views

CVE-2025-47621 WordPress Meks Flexible Shortcodes plugin <= 1.3.6 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Meks Meks Flexible Shortcodes meks-flexible-shortcodes allows Stored XSS.This issue affects Meks Flexible Shortcodes: from n/a through = 1.3.6...

6.5CVSS7.2AI score0.00209EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/05/07 2:20 p.m.14 views

CVE-2025-47621 WordPress Meks Flexible Shortcodes plugin <= 1.3.6 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Meks Meks Flexible Shortcodes meks-flexible-shortcodes allows Stored XSS.This issue affects Meks Flexible Shortcodes: from n/a through = 1.3.6...

6.5CVSS0.00209EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/05/07 12:0 a.m.2 views

WordPress plugin Meks Flexible Shortcodes 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in...

6.5CVSS6.5AI score0.00209EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/05/07 12:0 a.m.3 views

PT-2025-20187 · Unknown · Meks Flexible Shortcodes

Name of the Vulnerable Software and Affected Versions: Meks Flexible Shortcodes versions 1.3.6 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, allowing Stored XSS. This enables potential attackers to...

6.5CVSS6.8AI score0.00209EPSS
Exploits0References3
NVD
NVD
added 2024/11/01 3:15 p.m.9 views

CVE-2024-38733

Missing Authorization vulnerability in Meks Meks Video Importer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Meks Video Importer: from n/a through 1.0.12...

5.4CVSS0.00374EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/11/01 2:18 p.m.12 views

CVE-2024-38733 WordPress Meks Video Importer plugin <= 1.0.12 - Broken Access Control vulnerability

Missing Authorization vulnerability in Meks Meks Video Importer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Meks Video Importer: from n/a through 1.0.12...

5.4CVSS6.9AI score0.00374EPSS
Exploits0References1
CVE
CVE
added 2024/11/01 2:18 p.m.42 views

CVE-2024-38733

CVE-2024-38733 refers to a Missing Authorization vulnerability in the WordPress plugin Meks Video Importer (affected: versions up to and including 1.0.12). The issue results from incorrectly configured access control, described as a Missing Authorization / Broken Access Control scenario, allowing...

5.4CVSS5.5AI score0.00374EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/11/01 2:18 p.m.15 views

CVE-2024-38733 WordPress Meks Video Importer plugin <= 1.0.12 - Broken Access Control vulnerability

Missing Authorization vulnerability in Meks Meks Video Importer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Meks Video Importer: from n/a through 1.0.12...

5.4CVSS0.00374EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/11/01 12:0 a.m.5 views

WordPress plugin Meks Video Importer 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A security vulnerability...

5.4CVSS6.6AI score0.00374EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/11/01 12:0 a.m.5 views

PT-2024-28177 · Unknown · Meks Video Importer

Name of the Vulnerable Software and Affected Versions: Meks Video Importer versions 1.0.12 and earlier Description: The issue is related to a Missing Authorization vulnerability, which allows exploitation of incorrectly configured access control security levels. Recommendations: For Meks Video...

5.4CVSS6.5AI score0.00374EPSS
Exploits0References3
NVD
NVD
added 2024/07/21 7:15 a.m.15 views

CVE-2024-37548

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Meks Meks Easy Ads Widget allows Stored XSS.This issue affects Meks Easy Ads Widget: from n/a through 2.0.8...

5.9CVSS0.00274EPSS
Exploits0References1
OSV
OSV
added 2024/07/21 7:15 a.m.3 views

CVE-2024-37548

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Meks Meks Easy Ads Widget allows Stored XSS.This issue affects Meks Easy Ads Widget: from n/a through 2.0.8...

5.4CVSS5.8AI score0.00274EPSS
Exploits0References1
Rows per page
Query Builder