Lucene search
K

3985 matches found

Patchstack
Patchstack
added 2024/01/08 12:0 a.m.16 views

WordPress WP Social Bookmark Menu Plugin <= 1.2 is vulnerable to Cross Site Request Forgery (CSRF)

Software WP Social Bookmark Menu Type Plugin Vulnerable versions = 1.2 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-7074 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID ca5c286b56c4 Credits Daniel Ruf...

8.8CVSS6.6AI score0.00329EPSS
Exploits2References2Affected Software1
OSV
OSV
added 2024/01/05 10:15 a.m.4 views

CVE-2023-51673

Cross-Site Request Forgery CSRF vulnerability in Designful Stylish Price List – Price Table Builder & QR Code Restaurant Menu.This issue affects Stylish Price List – Price Table Builder & QR Code Restaurant Menu: from n/a through 7.0.17...

9.8CVSS5.8AI score0.00249EPSS
Exploits0References1
NVD
NVD
added 2024/01/05 10:15 a.m.20 views

CVE-2023-51673

Cross-Site Request Forgery CSRF vulnerability in Designful Stylish Price List – Price Table Builder & QR Code Restaurant Menu.This issue affects Stylish Price List – Price Table Builder & QR Code Restaurant Menu: from n/a through 7.0.17...

9.8CVSS6.6AI score0.00249EPSS
Exploits0References1
Prion
Prion
added 2024/01/05 10:15 a.m.13 views

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in Designful Stylish Price List – Price Table Builder & QR Code Restaurant Menu.This issue affects Stylish Price List – Price Table Builder & QR Code Restaurant Menu: from n/a through 7.0.17...

7.5CVSS7.4AI score0.00249EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/01/05 9:54 a.m.27 views

CVE-2023-51673 WordPress Stylish Price List Plugin <= 7.0.17 is vulnerable to Broken Access Control

Cross-Site Request Forgery CSRF vulnerability in Designful Stylish Price List – Price Table Builder & QR Code Restaurant Menu.This issue affects Stylish Price List – Price Table Builder & QR Code Restaurant Menu: from n/a through 7.0.17...

5.4CVSS9.7AI score0.00249EPSS
Exploits0References1
CVE
CVE
added 2024/01/05 9:54 a.m.44 views

CVE-2023-51673

CVE-2023-51673 concerns Cross-Site Request Forgery in the Stylish Price List – Price Table Builder & QR Code Restaurant Menu WordPress plugin (affected: from n/a through 7.0.17). The issue is a CSRF flaw (no details on exploit path beyond CSRF) that could enable unauthorized actions by a logged-i...

9.8CVSS8.6AI score0.00249EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/01/05 12:0 a.m.18 views

SlickNav Mobile Menu < 1.9.3 - Authenticated (Admin+) Stored Cross-Site Scripting

Description The SlickNav Mobile Menu plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.9.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

5.9CVSS5.9AI score0.00336EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2023/12/27 12:0 a.m.9 views

WordPress SlickNav Mobile Menu Plugin <= 1.9.2 is vulnerable to Cross Site Scripting (XSS)

Software SlickNav Mobile Menu Type Plugin Vulnerable versions = 1.9.2 Fixed in 1.9.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-51548 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID f9f71fa8ec0f Credits Mika Required privilege...

5.9CVSS6.6AI score0.00336EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2023/12/26 12:0 a.m.4 views

PT-2023-10177 · Bestwebsoft · Bestwebsoft Portfolio Plugin

Name of the Vulnerable Software and Affected Versions: BestWebSoft Portfolio Plugin versions up to 2.27 Description: A vulnerability was found in the BestWebSoft Portfolio Plugin, affecting the function bws add menu render of the file bws menu/bws menu.php. The manipulation of the argument bwsmn...

6.1CVSS4.2AI score0.00401EPSS
Exploits0References5
NVD
NVD
added 2023/12/21 7:15 p.m.17 views

CVE-2023-50834

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in August Infotech WooCommerce Menu Extension allows Stored XSS.This issue affects WooCommerce Menu Extension: from n/a through 1.6.2...

6.5CVSS0.00303EPSS
Exploits0References1
OSV
OSV
added 2023/12/21 7:15 p.m.2 views

CVE-2023-50834

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in August Infotech WooCommerce Menu Extension allows Stored XSS.This issue affects WooCommerce Menu Extension: from n/a through 1.6.2...

5.4CVSS7.3AI score0.00303EPSS
Exploits0References1
Prion
Prion
added 2023/12/21 7:15 p.m.17 views

Cross site scripting

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in August Infotech WooCommerce Menu Extension allows Stored XSS.This issue affects WooCommerce Menu Extension: from n/a through 1.6.2...

4.9CVSS6.9AI score0.00303EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/12/21 6:14 p.m.50 views

CVE-2023-50834

CVE-2023-50834 : Stored Cross-Site Scripting in WooCommerce Menu Extension (Affected: WooCommerce Menu Extension

6.5CVSS6.7AI score0.00303EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/12/21 6:14 p.m.23 views

CVE-2023-50834 WordPress WooCommerce Menu Extension Plugin <= 1.6.2 is vulnerable to Cross Site Scripting (XSS)

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in August Infotech WooCommerce Menu Extension allows Stored XSS.This issue affects WooCommerce Menu Extension: from n/a through 1.6.2...

6.5CVSS6.6AI score0.00303EPSS
Exploits0References1
OSV
OSV
added 2023/12/21 3:15 p.m.4 views

CVE-2023-50826

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Freshlight Lab Menu Image, Icons made easy allows Stored XSS.This issue affects Menu Image, Icons made easy: from n/a through 3.10...

4.8CVSS7.3AI score0.00352EPSS
Exploits0References1
NVD
NVD
added 2023/12/21 3:15 p.m.24 views

CVE-2023-50826

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Freshlight Lab Menu Image, Icons made easy allows Stored XSS.This issue affects Menu Image, Icons made easy: from n/a through 3.10...

5.9CVSS0.00352EPSS
Exploits0References1
Prion
Prion
added 2023/12/21 3:15 p.m.20 views

Cross site scripting

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Freshlight Lab Menu Image, Icons made easy allows Stored XSS.This issue affects Menu Image, Icons made easy: from n/a through 3.10...

4.3CVSS6.9AI score0.00352EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/12/21 2:46 p.m.43 views

CVE-2023-50826

CVE-2023-50826 : Stored XSS in the WordPress plugin Menu Image, Icons made easy (affected through 3.10). The vulnerability is described as an input handling issue during web page generation (XSS) and is currently listed as Unpatched per the connected documents; patch/update availability is not pr...

5.9CVSS6.5AI score0.00352EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/12/21 2:46 p.m.24 views

CVE-2023-50826 WordPress Menu Image, Icons made easy Plugin <= 3.10 is vulnerable to Cross Site Scripting (XSS)

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Freshlight Lab Menu Image, Icons made easy allows Stored XSS.This issue affects Menu Image, Icons made easy: from n/a through 3.10...

5.9CVSS5.9AI score0.00352EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/12/21 2:42 p.m.11 views

CVE-2023-7047

Inadequate validation of permissions when employing remote tools and macros via the context menu within Devolutions Remote Desktop Manager versions 2023.3.31 and earlier permits a user to initiate a connection without proper execution rights via the remote tools feature. This affects only SQL dat...

7.6AI score0.00165EPSS
Exploits0References1
Rows per page
Query Builder