Lucene search
K

110 matches found

Positive Technologies
Positive Technologies
added 2021/11/17 12:0 a.m.12 views

PT-2021-23594 · WordPress · Wordpress Popular Posts

Name of the Vulnerable Software and Affected Versions: WordPress Popular Posts versions up to and including 5.3.2 Description: The WordPress Popular Posts plugin is vulnerable to arbitrary file uploads due to insufficient input file type validation found in the /src/Image.php file. This makes it...

8.8CVSS9.7AI score0.79823EPSS
Exploits5References16
CNNVD
CNNVD
added 2021/11/17 12:0 a.m.25 views

WordPress 代码问题漏洞

WordPress is a blogging platform developed using the PHP language, which supports setting up personal blogging sites on PHP and MySQL servers. WordPress plugin Popular Posts 5.3.2 and previous versions are vulnerable to arbitrary file uploads. An attacker could exploit the vulnerability to upload...

8.8CVSS6.4AI score0.79823EPSS
Exploits5References8
OpenVAS
OpenVAS
added 2021/10/12 12:0 a.m.13 views

WordPress Popular Posts Plugin < 5.3.4 XSS Vulnerability

The WordPress plugin Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it...

5.5CVSS7AI score0.00566EPSS
Exploits0References2
CNVD
CNVD
added 2021/09/26 12:0 a.m.15 views

WordPress plugin Popular Posts cross-site scripting vulnerability

WordPress is the WordPress Foundation's suite of blogging platforms developed using the PHP language. The platform supports the hosting of personal blog sites on servers with PHP and MySQL.The Wordpress plugin Popular Posts 5.3.3 and previous versions have a cross-site scripting vulnerability tha...

5.5CVSS0.4AI score0.00566EPSS
Exploits0References1
OSV
OSV
added 2021/09/23 3:15 p.m.11 views

CVE-2021-36872

Authenticated Persistent Cross-Site Scripting XSS vulnerability in WordPress Popular Posts plugin versions = 5.3.3. Vulnerable at &widget-wpp2posttype...

5.4CVSS5.8AI score
Exploits0References2
Prion
Prion
added 2021/09/23 3:15 p.m.20 views

Cross site scripting

Authenticated Persistent Cross-Site Scripting XSS vulnerability in WordPress Popular Posts plugin versions = 5.3.3. Vulnerable at &widget-wpp2posttype...

3.5CVSS5.3AI score0.00566EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2021/09/23 3:0 p.m.52 views

CVE-2021-36872

CVE-2021-36872 affects WordPress Popular Posts plugin (versions

5.5CVSS5.2AI score0.00566EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2021/09/23 3:0 p.m.12 views

CVE-2021-36872 WordPress Popular Posts plugin <= 5.3.3 - Authenticated Persistent Cross-Site Scripting (XSS) vulnerability

Authenticated Persistent Cross-Site Scripting XSS vulnerability in WordPress Popular Posts plugin versions = 5.3.3. Vulnerable at &widget-wpp2posttype...

5.5CVSS5.5AI score0.00566EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2021/09/23 3:0 p.m.7 views

CVE-2021-36872 WordPress Popular Posts plugin <= 5.3.3 - Authenticated Persistent Cross-Site Scripting (XSS) vulnerability

Authenticated Persistent Cross-Site Scripting XSS vulnerability in WordPress Popular Posts plugin versions = 5.3.3. Vulnerable at &widget-wpp2posttype...

5.5CVSS5.5AI score0.00566EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/09/23 12:0 a.m.5 views

WordPress 跨站脚本漏洞

WordPress is the WordPress Foundation's suite of blogging platforms developed using the PHP language. The platform supports the hosting of personal blog sites on servers with PHP and MySQL.The Wordpress plugin Popular Posts 5.3.3 and previous versions have a cross-site scripting vulnerability tha...

5.5CVSS5.4AI score0.00566EPSS
Exploits0References2
CNVD
CNVD
added 2021/08/20 12:0 a.m.12 views

WordPress plugin Popular Posts remote code execution vulnerability

WordPress is a blogging platform developed based on the PHP language, which can be used to set up websites on servers supporting PHP and MySQL databases, and can also be used as a content management system CMS. WordPress plugin Popular Posts has a remote code execution vulnerability that can be...

5.1AI score
Exploits0References1
Check Point Advisories
Check Point Advisories
added 2021/08/04 12:0 a.m.1 views

WordPress Popular Posts Plugin Remote Code Execution

A remote code execution vulnerability exists in WordPress Popular Posts Plugin. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

5.3AI score
Exploits0
Packet Storm
Packet Storm
added 2021/07/15 12:0 a.m.630 views

WordPress Popular Posts 5.3.2 Shell Upload

Exploit Title: WordPress Plugin Popular Posts 5.3.2 - Remote Code Execution RCE Authenticated Date: 15/07/2021 Exploit Author: Simone Cristofaro Vendor Homepage: https://it.wordpress.org/plugins/wordpress-popular-posts/ Software Link:...

Exploits0
Exploit DB
Exploit DB
added 2021/07/15 12:0 a.m.994 views

WordPress Plugin Popular Posts 5.3.2 - Remote Code Execution (RCE) (Authenticated)

Exploit Title: WordPress Plugin Popular Posts 5.3.2 - Remote Code Execution RCE Authenticated Date: 15/07/2021 Exploit Author: Simone Cristofaro Vendor Homepage: https://it.wordpress.org/plugins/wordpress-popular-posts/ Software Link:...

8.8CVSS8.8AI score0.79823EPSS
Exploits5
Patchstack
Patchstack
added 2021/07/04 12:0 a.m.27 views

WordPress Popular Posts plugin <= 5.3.3 - Authenticated Persistent Cross-Site Scripting (XSS) vulnerability

Authenticated Persistent Cross-Site Scripting XSS vulnerability discovered by Vlad Visse Patchstack in WordPress Popular Posts plugin versions = 5.3.3. Solution Update the WordPress Popular Posts plugin to the latest available version at least 5.3.4...

5.5CVSS2.1AI score0.00566EPSS
Exploits0References2Affected Software1
WPVulnDB
WPVulnDB
added 2021/07/03 12:0 a.m.21 views

WordPress Popular Posts < 5.3.4 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitise and escape the widget-wpp2posttype parameter before outputting it in the page, which could lead to a Stored Cross-Site Scripting issue...

3.5CVSS0.9AI score0.00566EPSS
Exploits0Affected Software1
OpenVAS
OpenVAS
added 2021/07/02 12:0 a.m.18 views

WordPress Popular Posts Plugin < 5.3.3 Multiple Vulnerabilities

The WordPress plugin Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it...

5.4CVSS5.6AI score0.01442EPSS
Exploits1References2
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2021/06/30 2:36 a.m.8 views

WordPress Plugin "WordPress Popular Posts" vulnerable to cross-site scripting

Overview WordPress Plugin "WordPress Popular Posts" provided by Hector Cabrera contains a cross-site scripting vulnerability CWE-79. Yu Iwama of Secure Sky Technology Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning...

5.4CVSS6.2AI score0.01442EPSS
Exploits1References7
CNVD
CNVD
added 2021/06/29 12:0 a.m.27 views

WordPress Popular Posts Cross-Site Scripting Vulnerability

WordPress is the Wordpress Foundation's set of blogging platforms developed using the PHP language. WordPress Popular Posts 5.3.2 and earlier versions are vulnerable to cross-site scripting. An authenticated remote attacker can use this vulnerability to inject arbitrary scripts...

5.4CVSS2.6AI score0.01442EPSS
Exploits1References1
NVD
NVD
added 2021/06/28 1:15 a.m.18 views

CVE-2021-20746

Cross-site scripting vulnerability in WordPress Popular Posts 5.3.2 and earlier allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors...

5.4CVSS0.01442EPSS
Exploits1References4
Rows per page
Query Builder