Lucene search
K

108 matches found

Cvelist
Cvelist
added 2024/07/04 6:8 p.m.26 views

CVE-2024-37476 WordPress Newspack Campaigns plugin <= 2.31.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability in Automattic Newspack Campaigns allows Stored XSS.This issue affects Newspack Campaigns: from n/a through 2.31.1...

6.5CVSS0.00277EPSS
Exploits0References1
OSV
OSV
added 2024/07/04 6:8 p.m.6 views

CVE-2024-37476 WordPress Newspack Campaigns plugin <= 2.31.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability in Automattic Newspack Campaigns allows Stored XSS.This issue affects Newspack Campaigns: from n/a through 2.31.1...

6.5CVSS5.9AI score0.00277EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/07/04 12:0 a.m.7 views

PT-2024-27585 · Automattic · Newspack Campaigns

Name of the Vulnerable Software and Affected Versions: Newspack Campaigns versions 2.31.1 and earlier Description: The issue is a Cross Site Scripting XSS vulnerability, specifically a Stored XSS, in Automattic Newspack Campaigns. This allows for malicious scripts to be stored on the server and...

6.5CVSS5.8AI score0.00277EPSS
Exploits0References10
CNNVD
CNNVD
added 2024/07/04 12:0 a.m.5 views

WordPress plugin Newspack Campaigns security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A security vulnerability...

6.5CVSS6.1AI score0.00277EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/07/04 12:0 a.m.5 views

WordPress plugin Newspack Ads security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

6.5CVSS6.1AI score0.00277EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/07/04 12:0 a.m.8 views

PT-2024-27583 · Automattic · Newspack Ads

Name of the Vulnerable Software and Affected Versions: Newspack Ads versions 1.47.1 and earlier Description: A Cross Site Scripting XSS issue, specifically a Stored XSS vulnerability, has been identified in Automattic Newspack Ads. This allows for malicious scripts to be stored on the server and...

6.5CVSS5.3AI score0.00277EPSS
Exploits0References10
Patchstack
Patchstack
added 2024/07/01 12:40 p.m.5 views

WordPress Newspack Content Converter plugin <= 0.1.5 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin Newspack Content Converter versions = 0.1.5...

6.5CVSS7AI score0.00394EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/07/01 12:38 p.m.6 views

WordPress Newspack Campaigns plugin <= 2.31.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin Newspack Campaigns versions = 2.31.1...

6.5CVSS6.1AI score0.00277EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/07/01 12:36 p.m.4 views

WordPress Newspack Newsletters plugin <= 2.13.2 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin Newspack Newsletters versions = 2.13.2...

5.3CVSS7AI score0.00409EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/07/01 12:34 p.m.6 views

WordPress Newspack Ads plugin <= 1.47.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin Newspack Ads versions = 1.47.1...

6.5CVSS6.1AI score0.00277EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/07/01 12:0 a.m.10 views

WordPress Newspack Newsletters Plugin <= 2.13.2 is vulnerable to Broken Access Control

Software Newspack Newsletters Type Plugin Vulnerable versions = 2.13.2 Fixed in 2.13.3 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-37475 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID eaec81ca6f12 Credits Rafie Muhammad...

5.3CVSS6.3AI score0.00409EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/07/01 12:0 a.m.9 views

WordPress Newspack Campaigns Plugin <= 2.31.1 is vulnerable to Cross Site Scripting (XSS)

Software Newspack Campaigns Type Plugin Vulnerable versions = 2.31.1 Fixed in 2.31.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-37476 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 0b7e9fddfca4 Credits Rafie Muhammad Patchstack Require...

6.5CVSS6.6AI score0.00277EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/07/01 12:0 a.m.6 views

WordPress Newspack Content Converter Plugin <= 0.1.5 is vulnerable to Broken Access Control

Software Newspack Content Converter Type Plugin Vulnerable versions = 0.1.5 Fixed in 1.0.0 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-37477 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 9023ad743104 Credits Rafie Muhammad...

6.5CVSS6.3AI score0.00394EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/07/01 12:0 a.m.9 views

WordPress Newspack Ads Plugin <= 1.47.1 is vulnerable to Cross Site Scripting (XSS)

Software Newspack Ads Type Plugin Vulnerable versions = 1.47.1 Fixed in 1.47.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-37474 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID b8d60e34d1ee Credits Rafie Muhammad Patchstack Required...

6.5CVSS6.6AI score0.00277EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/06/28 8:26 a.m.3 views

WordPress Newspack Blocks plugin <= 3.0.8 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin Newspack Blocks versions = 3.0.8...

5.4CVSS7AI score0.00371EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/06/28 8:18 a.m.3 views

WordPress Newspack Blocks plugin <= 3.0.8 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin Newspack Blocks versions = 3.0.8...

9.9CVSS7AI score0.00492EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/06/28 8:17 a.m.3 views

WordPress Newspack Blocks plugin <= 3.0.8 - Contributor+ Arbitrary Directory Deletion vulnerability

Contributor+ Arbitrary Directory Deletion vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin Newspack Blocks versions = 3.0.8...

8.5CVSS7AI score0.0045EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/06/28 12:0 a.m.6 views

WordPress Newspack Blocks Plugin <= 3.0.8 is vulnerable to Arbitrary File Upload

Software Newspack Blocks Type Plugin Vulnerable versions = 3.0.8 Fixed in 3.0.9 OWASP Top 10 A3: Injection Classification Arbitrary File Upload CVE CVE-2024-37424 Patch priority Medium CVSS severity Medium 9.9 Developer Claim ownership PSID dd4273e7b78e Credits Rafie Muhammad Patchstack Required...

9.9CVSS6.8AI score0.00492EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/06/28 12:0 a.m.9 views

WordPress Newspack Blocks Plugin <= 3.0.8 is vulnerable to Broken Access Control

Software Newspack Blocks Type Plugin Vulnerable versions = 3.0.8 Fixed in 3.0.9 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-37425 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID bdb588fe4e59 Credits Rafie Muhammad Patchstack...

5.4CVSS6.7AI score0.00371EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/06/28 12:0 a.m.10 views

WordPress Newspack Blocks Plugin <= 3.0.8 is vulnerable to Arbitrary File Deletion

Software Newspack Blocks Type Plugin Vulnerable versions = 3.0.8 Fixed in 3.0.9 OWASP Top 10 A1: Broken Access Control Classification Arbitrary File Deletion CVE CVE-2024-37423 Patch priority Medium CVSS severity Medium 8.5 Developer Claim ownership PSID a16694974ae5 Credits Rafie Muhammad...

8.5CVSS6.6AI score0.0045EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder