CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4 matches found

Patchstack•added 2024/06/13 9:33 a.m.•2 views

WordPress Elespare plugin <= 3.1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Horizontal Nav Menu Widget vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Horizontal Nav Menu Widget vulnerability discovered by stealthcopter in WordPress Plugin Elespare versions = 3.1.2...

6.4CVSS5.8AI score0.01221EPSS

Exploits0References1Affected Software1

Positive Technologies•added 2024/06/05 12:0 a.m.•2 views

PT-2024-29756 · WordPress · Themesflat Addons For Elementor

Name of the Vulnerable Software and Affected Versions: Themesflat Addons For Elementor plugin for WordPress versions up to, and including, 2.1.1 Description: The issue is related to Stored Cross-Site Scripting in the Themesflat Addons For Elementor plugin for WordPress. This is due to insufficien...

6.4CVSS6.1AI score0.00561EPSS

Exploits0References16

OSV•added 2015/11/09 11:59 a.m.•1 views

DEBIAN-CVE-2015-5732

Cross-site scripting XSS vulnerability in the form function in the WPNavMenuWidget class in wp-includes/default-widgets.php in WordPress before 4.2.4 allows remote attackers to inject arbitrary web script or HTML via a widget title...

4.3CVSS5.8AI score0.01687EPSS

Exploits0References1