Lucene search
K

29 matches found

Cvelist
Cvelist
added 2025/01/07 4:22 a.m.22 views

CVE-2024-11382 Common Ninja: Fully Customizable & Perfectly Responsive Free Widgets for WordPress Websites <= 1.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Common Ninja: Fully Customizable & Perfectly Responsive Free Widgets for WordPress Websites plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'commonninja' shortcode in all versions up to, and including, 1.1.0 due to insufficient input sanitization and output...

6.4CVSS0.00303EPSS
Exploits0References2
CVE
CVE
added 2025/01/07 4:22 a.m.47 views

CVE-2024-11382

CVE-2024-11382 – Common Ninja WordPress widget plugin : The Common Ninja: Fully Customizable & Perfectly Responsive Free Widgets for WordPress Websites plugin is vulnerable to Stored Cross-Site Scripting via the plugin shortcode commonninja in all versions up to 1.1.0. The issue arises from insuf...

6.4CVSS5.7AI score0.00303EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/11/18 12:0 a.m.8 views

WordPress plugin Website remote Install vor Gravity, WPForms, Formidable, Ninja, Caldera 跨站脚本漏洞

WordPress and WordPress plugin are products of the WordPress Foundation, a blogging platform developed in PHP. WordPress plugin is an application plugin that allows you to set up a personal blog site on a PHP and MySQL server. WordPress plugin Website remote Install vor Gravity, WPForms,...

6.5CVSS7.5AI score0.00217EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/11/08 6:12 p.m.4 views

WordPress Website remote Install vor Gravity, WPForms, Formidable, Ninja, Caldera plugin <= 4.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin Website remote Install vor Gravity, WPForms, Formidable, Ninja, Caldera versions = 4.0...

6.5CVSS6.2AI score0.00217EPSS
Exploits0Affected Software1
NVD
NVD
added 2019/12/27 8:15 p.m.13 views

CVE-2014-4550

Cross-site scripting XSS vulnerability in preview-shortcode-external.php in the Shortcode Ninja plugin 1.4 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the shortcode parameter...

6.1CVSS6.1AI score0.03884EPSS
Exploits2References1
CVE
CVE
added 2019/12/27 7:34 p.m.172 views

CVE-2014-4550

CVE-2014-4550 is a cross-site scripting vulnerability in the WordPress plugin Shortcode Ninja up to version 1.4 (and earlier) in the file preview-shortcode-external.php . The root cause is insufficient validation/escaping of the shortcode parameter, allowing remote attackers to inject arbitrary s...

6.1CVSS6.1AI score0.03884EPSS
Exploits2References1Affected Software1
NVD
NVD
added 2014/06/10 2:55 p.m.14 views

CVE-2014-4017

Cross-site scripting XSS vulnerability in the Conversion Ninja plugin for WordPress allows remote attackers to inject arbitrary web script or HTML via the id parameter to lp/index.php...

4.3CVSS5.8AI score0.01636EPSS
Exploits1References1
CVE
CVE
added 2014/06/10 2:0 p.m.48 views

CVE-2014-4017

CVE-2014-4017 is a cross-site scripting (XSS) vulnerability in the WordPress plugin Conversion Ninja . The flaw allows remote attackers to inject arbitrary script or HTML by supplying a crafted value to the id parameter of lp/index.php . Multiple connected sources confirm this is an XSS issue in ...

4.3CVSS6AI score0.01636EPSS
Exploits1References1Affected Software1
OpenVAS
OpenVAS
added 2014/06/02 12:0 a.m.16 views

WordPress Conversion Ninja 'id' Parameter Cross Site Scripting Vulnerability

WordPress Conversion Ninja Plugin is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

4.3CVSS5.7AI score0.01636EPSS
Exploits1References2
Rows per page
Query Builder