Lucene search
K

114 matches found

Cvelist
Cvelist
added 2023/03/05 11:31 p.m.22 views

CVE-2015-10090 Landing Pages Plugin cross site scripting

A vulnerability, which was classified as problematic, has been found in Landing Pages Plugin up to 1.8.7 on WordPress. Affected by this issue is some unknown functionality. The manipulation leads to cross site scripting. The attack may be launched remotely. Upgrading to version 1.8.8 is able to...

4CVSS6AI score0.00673EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2023/03/05 11:31 p.m.10 views

CVE-2015-10090 Landing Pages Plugin cross site scripting

A vulnerability, which was classified as problematic, has been found in Landing Pages Plugin up to 1.8.7 on WordPress. Affected by this issue is some unknown functionality. The manipulation leads to cross site scripting. The attack may be launched remotely. Upgrading to version 1.8.8 is able to...

4CVSS6.2AI score0.00673EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2023/03/05 12:0 a.m.6 views

PT-2023-10269 · Unknown · Landing Pages Plugin

Name of the Vulnerable Software and Affected Versions: Landing Pages Plugin versions up to 1.8.7 Description: A problematic issue has been found in the Landing Pages Plugin, affecting some unknown functionality. This issue leads to cross-site scripting and can be exploited remotely...

6.1CVSS6.5AI score0.00673EPSS
Exploits0References9
Vulnrichment
Vulnrichment
added 2023/01/16 3:38 p.m.11 views

CVE-2022-4483 Insert Pages < 3.7.5 - Contributor+ Stored XSS

The Insert Pages WordPress plugin before 3.7.5 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege...

5.5AI score0.00534EPSS
Exploits2References1
Positive Technologies
Positive Technologies
added 2023/01/16 12:0 a.m.21 views

PT-2023-14558 · WordPress · Insert Pages

Name of the Vulnerable Software and Affected Versions: Insert Pages WordPress plugin versions prior to 3.7.5 Description: The issue allows users with a role as low as contributor to perform Stored Cross-Site Scripting attacks, which could be used against high privilege users such as admins. This ...

5.4CVSS6.2AI score0.00534EPSS
Exploits2References6
OSV
OSV
added 2022/08/23 4:15 p.m.6 views

CVE-2022-36341

Authenticated subscriber+ plugin settings change leading to Stored Cross-Site Scripting XSS vulnerability in Akash soni's AS – Create Pinterest Pinboard Pages plugin = 1.0 at WordPress...

5.4CVSS5.8AI score0.00424EPSS
Exploits0References2
CNVD
CNVD
added 2022/06/30 12:0 a.m.22 views

WordPress Nested Pages plugin跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin. WordPress Nested Pages plugin version prior to 3.1.21 has a cross-site scripting vulnerability that...

3.5CVSS1AI score0.00625EPSS
Exploits2Affected Software1
Positive Technologies
Positive Technologies
added 2022/06/27 12:0 a.m.6 views

PT-2022-14242 · WordPress · Nested Pages

Name of the Vulnerable Software and Affected Versions: Nested Pages WordPress plugin versions prior to 3.1.21 Description: The issue allows high privilege users to perform Stored Cross-Site Scripting attacks when the unfiltered html is disallowed, due to the plugin not escaping and sanitizing som...

4.8CVSS4.6AI score0.00625EPSS
Exploits2References5
Prion
Prion
added 2022/03/18 6:15 p.m.11 views

Cross site scripting

Authenticated admin+ Stored Cross-Site Scripting XSS vulnerability discovered in AMP for WP – Accelerated Mobile Pages plugin = 1.0.77.31 versions...

3.5CVSS4.9AI score0.00535EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2022/02/28 12:0 a.m.16 views

WordPress Widgets on Pages plugin <= 1.5.0 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress Widgets on Pages plugin versions = 1.5.0. Solution Update the WordPress Widgets on Pages plugin to the latest available version at least 1.6.0...

3.8AI score
Exploits0References2Affected Software1
OSV
OSV
added 2021/11/17 11:15 a.m.10 views

CVE-2021-24851

The Insert Pages WordPress plugin before 3.7.0 allows users with a role as low as Contributor to access content and metadata from arbitrary posts/pages regardless of their author and status ie private, using a shortcode. Password protected posts/pages are not affected by such issue...

4.3CVSS5.9AI score0.00913EPSS
Exploits2References2
CNNVD
CNNVD
added 2021/11/17 12:0 a.m.8 views

WordPress 跨站脚本漏洞

WordPress is a set of blogging platforms developed by the WordPress Foundation using the PHP language. The platform supports the hosting of personal blogging sites on servers with PHP and MySQL. WordPress Insert Pages plugin has a cross-site scripting vulnerability in versions prior to 3.7.0, whi...

5.4CVSS5.2AI score0.00604EPSS
Exploits2References2
CNNVD
CNNVD
added 2021/11/17 12:0 a.m.6 views

WordPress 安全漏洞

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. An authorization issue vulnerability exists in the WordPress Insert Pages plugin in versions prior to 3.7.0,...

4.3CVSS5.9AI score0.00913EPSS
Exploits2References3
ATTACKERKB
ATTACKERKB
added 2021/08/25 12:0 a.m.2 views

CVE-2021-38343

The Nested Pages WordPress plugin = 3.1.15 was vulnerable to an Open Redirect via the page POST parameter in the npBulkActions, npBulkEdit, npListingSort, and npCategoryFilter adminpost actions...

6.1CVSS6.4AI score0.00826EPSS
Exploits1References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2021/08/25 12:0 a.m.2 views

CVE-2021-38342

The Nested Pages WordPress plugin = 3.1.15 was vulnerable to Cross-Site Request Forgery via the npBulkActions and npBulkEdit adminpost actions, which allowed attackers to trash or permanently purge arbitrary posts as well as changing their status, reassigning their ownership, and editing other...

8.1CVSS7.3AI score0.00492EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2019/08/22 7:15 p.m.13 views

Directory traversal

The insert-pages plugin before 3.2.4 for WordPress has directory traversal via custom template paths...

6.4CVSS9.2AI score0.02503EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2019/03/21 4:0 p.m.19 views

CVE-2018-19498

The Simplenia Pages plugin 2.6.0 for Atlassian Bitbucket Server has XSS...

6.1CVSS6.4AI score0.0155EPSS
Exploits2References4
OSV
OSV
added 2019/03/21 4:0 p.m.5 views

CVE-2018-19498

The Simplenia Pages plugin 2.6.0 for Atlassian Bitbucket Server has XSS...

6.1CVSS5.8AI score0.0155EPSS
Exploits2References4
Prion
Prion
added 2019/03/21 4:0 p.m.154 views

Cross site scripting

The Simplenia Pages plugin 2.6.0 for Atlassian Bitbucket Server has XSS...

4.3CVSS6.3AI score0.0155EPSS
Exploits2References4Affected Software1
CVE
CVE
added 2019/03/17 9:41 p.m.49 views

CVE-2018-19498

The CVE-2018-19498 entry concerns the Pages for Bitbucket Server plugin (Simplenia Pages) version 2.6.0 and earlier for Atlassian Bitbucket Server, vulnerable to Cross-Site Scripting (CWE-79). The advisory SYSS-2018-037 (PacketStorm/SySS) shows affected versions up to 2.6.0, with a fix implemente...

6.1CVSS6.3AI score0.0155EPSS
Exploits2References4Affected Software1
Rows per page
Query Builder