Lucene search
K

21 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-30383

Malicious code in bioql PyPI...

6.5CVSS6.4AI score0.0032EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 10:17 a.m.5 views

CVE-2024-32581

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Lenderd Mortgage Calculators WP allows Stored XSS.This issue affects Mortgage Calculators WP: from n/a through 1.56...

6.5CVSS5.2AI score0.0032EPSS
Exploits0References1
NVD
NVD
added 2024/04/18 10:15 a.m.12 views

CVE-2024-32581

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Lenderd Mortgage Calculators WP allows Stored XSS.This issue affects Mortgage Calculators WP: from n/a through 1.56...

6.5CVSS6.4AI score0.0032EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/04/18 9:23 a.m.24 views

CVE-2024-32581 WordPress Mortgage Calculators WP plugin <= 1.56 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Lenderd Mortgage Calculators WP allows Stored XSS.This issue affects Mortgage Calculators WP: from n/a through 1.56...

6.5CVSS6.7AI score0.0032EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/04/18 9:23 a.m.16 views

CVE-2024-32581 WordPress Mortgage Calculators WP plugin <= 1.56 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Lenderd Mortgage Calculators WP allows Stored XSS.This issue affects Mortgage Calculators WP: from n/a through 1.56...

6.5CVSS6.6AI score0.0032EPSS
Exploits0References1
CVE
CVE
added 2024/04/18 9:23 a.m.78 views

CVE-2024-32581

CVE-2024-32581 is a Stored XSS in Mortgage Calculators WP plugin affecting versions up to 1.56. Root cause: Improper input neutralization during web page generation. Impact (per provided metrics): low to moderate across confidentiality, integrity, availability; overall CVSS 3.1 base score 6.5 (ME...

6.5CVSS5.2AI score0.0032EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/04/18 12:0 a.m.4 views

PT-2024-24703 · WordPress · Mortgage Calculators Wp

Name of the Vulnerable Software and Affected Versions: Mortgage Calculators WP versions 1.56 and earlier Description: The issue is related to improper neutralization of input during web page generation, which allows for Stored XSS. This means that an attacker can inject malicious scripts into the...

6.5CVSS6.3AI score0.0032EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/04/18 12:0 a.m.4 views

WordPress Plugin Mortgage Calculators WP 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...

6.5CVSS5.9AI score0.0032EPSS
Exploits0References2
Patchstack
Patchstack
added 2024/04/16 3:0 p.m.5 views

WordPress Mortgage Calculators WP plugin <= 1.56 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by NGÔ THIÊN AN Patchstack Alliance in WordPress Plugin Mortgage Calculators WP versions = 1.56...

6.5CVSS6.1AI score0.0032EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/04/16 12:0 a.m.14 views

WordPress Mortgage Calculators WP Plugin <= 1.56 is vulnerable to Cross Site Scripting (XSS)

Software Mortgage Calculators WP Type Plugin Vulnerable versions = 1.56 Fixed in 1.60 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-32581 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID c47f59b4c10d Credits Ngô Thiên An ancorn from VNPT-VC...

6.5CVSS6.6AI score0.0032EPSS
Exploits0References2Affected Software1
CNVD
CNVD
added 2022/03/08 12:0 a.m.19 views

WordPress Mortgage Calculators WP Cross-Site Scripting Vulnerability

WordPress is the WordPress Foundation's suite of blogging platforms developed using the PHP language. The platform supports the hosting of personal blog sites on servers with PHP and MySQL. WordPress Mortgage Calculators WP suffers from a cross-site scripting vulnerability, for which no detailed...

4.8CVSS0.6AI score0.05086EPSS
Exploits5References1
OSV
OSV
added 2022/02/14 12:15 p.m.3 views

CVE-2021-24904

The Mortgage Calculators WP WordPress plugin before 1.56 does not implement any sanitisation on the color setting of the background of a calculator, which could allow high privilege users to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...

4.8CVSS5.8AI score0.05086EPSS
Exploits5References1
NVD
NVD
added 2022/02/14 12:15 p.m.21 views

CVE-2021-24904

The Mortgage Calculators WP WordPress plugin before 1.56 does not implement any sanitisation on the color setting of the background of a calculator, which could allow high privilege users to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...

4.8CVSS0.05086EPSS
Exploits5References1
Prion
Prion
added 2022/02/14 12:15 p.m.12 views

Cross site scripting

The Mortgage Calculators WP WordPress plugin before 1.56 does not implement any sanitisation on the color setting of the background of a calculator, which could allow high privilege users to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...

3.5CVSS4.7AI score0.05086EPSS
Exploits5References1Affected Software1
Cvelist
Cvelist
added 2022/02/14 9:20 a.m.26 views

CVE-2021-24904 Mortgage Calculators WP < 1.56 - Admin+ Stored Cross-Site Scripting

The Mortgage Calculators WP WordPress plugin before 1.56 does not implement any sanitisation on the color setting of the background of a calculator, which could allow high privilege users to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...

5AI score0.05086EPSS
Exploits5References1
CVE
CVE
added 2022/02/14 9:20 a.m.80 views

CVE-2021-24904

CVE-2021-24904 affects WordPress Mortgage Calculators WP plugin prior to 1.56. The issue is a stored XSS in the color value of the background for a calculator, caused by no sanitisation of the color setting. The impact is that high-privilege (admin/authenticated) users could inject scripts when u...

4.8CVSS4.7AI score0.05086EPSS
Exploits5References1Affected Software1
Packet Storm
Packet Storm
added 2022/01/27 12:0 a.m.234 views

WordPress Mortgage Calculators WP 1.52 Cross Site Scripting

Exploit Title: WordPress Plugin Mortgage Calculators WP 1.52 - Stored Cross-Site Scripting XSS Authenticated Date: 25-10-2021 Exploit Author: Ceylan Bozogullarindan Vendor Homepage: https://lenderd.com/ Software Link: https://mortgagecalculatorsplugin.com/ Version: 1.52 Tested on: Linux CVE :...

5.1AI score0.05086EPSS
Exploits5
Exploit DB
Exploit DB
added 2022/01/27 12:0 a.m.271 views

WordPress Plugin Mortgage Calculators WP 1.52 - Stored Cross-Site Scripting (XSS) (Authenticated)

Exploit Title: WordPress Plugin Mortgage Calculators WP 1.52 - Stored Cross-Site Scripting XSS Authenticated Date: 25-10-2021 Exploit Author: Ceylan Bozogullarindan Vendor Homepage: https://lenderd.com/ Software Link: https://mortgagecalculatorsplugin.com/ Version: 1.52 Tested on: Linux CVE :...

4.8CVSS5.1AI score0.05086EPSS
Exploits5
wpexploit
wpexploit
added 2022/01/11 12:0 a.m.125 views

Mortgage Calculators WP < 1.56 - Admin+ Stored Cross-Site Scripting

The plugin does not implement any sanitisation on the color setting of the background of a calculator, which could allow high privilege users to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed. 1. Go to settings page available under the "Calculato...

4.8CVSS4.7AI score0.05086EPSS
Exploits5
WPVulnDB
WPVulnDB
added 2022/01/11 12:0 a.m.21 views

Mortgage Calculators WP < 1.56 - Admin+ Stored Cross-Site Scripting

The plugin does not implement any sanitisation on the color setting of the background of a calculator, which could allow high privilege users to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed. PoC 1. Go to settings page available under the...

4.8CVSS2.1AI score0.05086EPSS
Exploits5Affected Software1
Rows per page
Query Builder