6271 matches found
CVE-2024-46994 baserCMS has Cross-site Scripting Vulnerability in Blog posts and Contents list Feature
baserCMS is a website development framework. Versions prior to 5.1.2 have a cross-site scripting vulnerability in Blog posts and Contents list Feature. Version 5.1.2 fixes this issue...
CVE-2024-46994 baserCMS has Cross-site Scripting Vulnerability in Blog posts and Contents list Feature
baserCMS is a website development framework. Versions prior to 5.1.2 have a cross-site scripting vulnerability in Blog posts and Contents list Feature. Version 5.1.2 fixes this issue...
CVE-2024-46994
CVE-2024-46994 concerns baserCMS. A cross-site scripting (XSS) vulnerability exists in the Blog posts and Contents list feature for versions prior to 5.1.2; version 5.1.2 contains the fix. Publicly documented analyses and advisories (including JVN and RH) corroborate the issue and list remediatio...
baserCMS has a Cross-site Scripting (XSS) Vulnerability in Blog posts Feature
XSS vulnerability in Blog posts feature to baserCMS. Target baserCMS 5.1.1 and earlier versions Vulnerability Malicious code may be executed in Blog posts feature. Countermeasures Update to the latest version of baserCMS Please refer to the following page to reference for more information...
GHSA-66JV-QRM3-VVFG baserCMS has a Cross-site Scripting (XSS) Vulnerability in Blog posts Feature
XSS vulnerability in Blog posts feature to baserCMS. Target baserCMS 5.1.1 and earlier versions Vulnerability Malicious code may be executed in Blog posts feature. Countermeasures Update to the latest version of baserCMS Please refer to the following page to reference for more information...
baserCMS has a Cross-site Scripting (XSS) Vulnerability in Blog posts and Contents list Feature
XSS vulnerability in Blog posts and Contents list Feature to baserCMS. Target baserCMS 5.1.1 and earlier versions Vulnerability Malicious code may be executed in Blog posts and Contents list feature. Countermeasures Update to the latest version of baserCMS Please refer to the following page to...
GHSA-WRJC-FMFQ-W3JR baserCMS has a Cross-site Scripting (XSS) Vulnerability in Blog posts and Contents list Feature
XSS vulnerability in Blog posts and Contents list Feature to baserCMS. Target baserCMS 5.1.1 and earlier versions Vulnerability Malicious code may be executed in Blog posts and Contents list feature. Countermeasures Update to the latest version of baserCMS Please refer to the following page to...
WordPress Kodex Posts likes plugin <= 2.5.0 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by theviper17 Patchstack Alliance in WordPress Plugin Kodex Posts likes versions = 2.5.0...
CVE-2024-10050
The Elementor Header & Footer Builder plugin for WordPress is vulnerable to Information Disclosure in all versions up to, and including, 1.6.43 via the hfetemplate shortcode. This makes it possible for authenticated attackers, with Contributor-level access and above, to view the contents of Draft...
CVE-2024-10050
The Elementor Header & Footer Builder plugin for WordPress is vulnerable to Information Disclosure in all versions up to, and including, 1.6.43 via the hfetemplate shortcode. This makes it possible for authenticated attackers, with Contributor-level access and above, to view the contents of Draft...
PT-2024-15998 · Elementor · Elementor Header & Footer Builder
Name of the Vulnerable Software and Affected Versions: Elementor Header & Footer Builder plugin for WordPress versions up to, and including, 1.6.43 Description: The issue allows authenticated attackers with Contributor-level access and above to view the contents of Draft, Private, and...
PT-2024-32328 · Basercms · Basercms
Name of the Vulnerable Software and Affected Versions: baserCMS versions prior to 5.1.2 Description: The issue is a cross-site scripting vulnerability in the Blog posts feature of baserCMS, a website development framework. This vulnerability allows malicious code to be executed in the Blog posts...
WordPress Kodex Posts likes Plugin <= 2.5.0 is vulnerable to Cross Site Scripting (XSS)
Software Kodex Posts likes Type Plugin Vulnerable versions = 2.5.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-50464 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 4d40ba7a06f0 Credits theviper17 Required privilege...
CVE-2024-7587
creationtimestamp| type| source ---|---|--- 2024-10-22 12:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-24-296-01 2024-10-23 02:20:16+00:00| seen| https://t.me/cvedetector/8670 2024-10-31 18:39:00+00:00| seen| https://t.me/icscert/939 2025-03-11 11:30:05+00:00| seen|...
CVE-2024-35286
creationtimestamp| type| source ---|---|--- 2024-10-22 00:24:20+00:00| seen| https://t.me/cvedetector/8577 2024-12-05 14:44:20+00:00| published-proof-of-concept| https://t.me/thebugbountyhunter/9404 2024-12-05 16:34:02+00:00| seen|...
CVE-2024-49628
Cross-Site Request Forgery CSRF vulnerability in WhileTrue Most And Least Read Posts Widget allows Cross Site Request Forgery.This issue affects Most And Least Read Posts Widget: from n/a through 2.5.18...
CVE-2024-49628
Cross-Site Request Forgery CSRF vulnerability in whiletrue Most And Least Read Posts Widget most-and-least-read-posts-widget allows Cross Site Request Forgery.This issue affects Most And Least Read Posts Widget: from n/a through = 2.5.18...
CVE-2024-49629
Cross-Site Request Forgery CSRF vulnerability in Fahad Mahmood Endless Posts Navigation endless-posts-navigation allows Stored XSS.This issue affects Endless Posts Navigation: from n/a through = 2.2.7...
CVE-2024-49629
Cross-Site Request Forgery CSRF vulnerability in Fahad Mahmood Endless Posts Navigation allows Stored XSS.This issue affects Endless Posts Navigation: from n/a through 2.2.7...
CVE-2024-49628
CVE-2024-49628 is a CSRF vulnerability in the WordPress plugin Most And Least Read Posts Widget (WhileTrue) affecting versions 2.5.18 and earlier. Unauthenticated attackers could exploit CSRF to perform unintended actions. The issue is fixed in version 2.5.19; update the plugin to 2.5.19 or later...