Lucene search
K

7 matches found

Patchstack
Patchstack
added 2025/05/19 2:36 a.m.6 views

WordPress PeoplePond plugin <= 1.1.9 - CSRF to Stored XSS vulnerability

CSRF to Stored XSS vulnerability discovered by Daniel Ruf in WordPress Plugin PeoplePond versions = 1.1.9...

6.1CVSS6AI score0.00143EPSS
Exploits1References1Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/17 9:1 p.m.2 views

CVE-2024-8085

The PeoplePond WordPress plugin through 1.1.9 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack...

6.1CVSS5.9AI score0.00143EPSS
Exploits1References1
OSV
OSV
added 2025/05/15 8:15 p.m.2 views

CVE-2024-8085

The PeoplePond WordPress plugin through 1.1.9 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack...

6.1CVSS5.8AI score0.00143EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/05/15 8:7 p.m.6 views

CVE-2024-8085 PeoplePond <= 1.1.9 - CSRF to Stored XSS

The PeoplePond WordPress plugin through 1.1.9 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack...

6.1AI score0.00143EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/05/15 8:7 p.m.14 views

CVE-2024-8085 PeoplePond <= 1.1.9 - CSRF to Stored XSS

The PeoplePond WordPress plugin through 1.1.9 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack...

0.00143EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/05/15 12:0 a.m.2 views

WordPress plugin PeoplePond 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

6.1CVSS5.9AI score0.00143EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2025/05/15 12:0 a.m.3 views

PT-2025-21511 · WordPress · Peoplepond

Name of the Vulnerable Software and Affected Versions: PeoplePond WordPress plugin versions 1.1.9 and earlier Description: The issue concerns the lack of CSRF checks in certain areas and missing sanitization as well as escaping in the PeoplePond WordPress plugin. This could allow attackers to mak...

6.1CVSS5.8AI score0.00143EPSS
Exploits1References3
Rows per page
Query Builder