6271 matches found

Cvelist
added 2024/10/24 6:22 p.m., 32 views

CVE-2024-46994 baserCMS has Cross-site Scripting Vulnerability in Blog posts and Contents list Feature

baserCMS is a website development framework. Versions prior to 5.1.2 have a cross-site scripting vulnerability in Blog posts and Contents list Feature. Version 5.1.2 fixes this issue...

CVSS: 5.4 | EPSS: 0.0028
Exploits: 0 | References: 2

Vulnrichment
added 2024/10/24 6:22 p.m., 17 views

CVE-2024-46994 baserCMS has Cross-site Scripting Vulnerability in Blog posts and Contents list Feature

baserCMS is a website development framework. Versions prior to 5.1.2 have a cross-site scripting vulnerability in Blog posts and Contents list Feature. Version 5.1.2 fixes this issue...

CVSS: 5.4 | AI score: 6.2 | EPSS: 0.0028
Exploits: 0 | References: 2

CVE
added 2024/10/24 6:22 p.m., 51 views

CVE-2024-46994

CVE-2024-46994 concerns baserCMS. A cross-site scripting (XSS) vulnerability exists in the Blog posts and Contents list feature for versions prior to 5.1.2; version 5.1.2 contains the fix. Publicly documented analyses and advisories (including JVN and RH) corroborate the issue and list remediatio...

CVSS: 5.4 | AI score: 5.1 | EPSS: 0.0028
Exploits: 0 | References: 2 | Affected Software: 1

Github Security Blog
added 2024/10/24 5:45 p.m., 16 views

baserCMS has a Cross-site Scripting (XSS) Vulnerability in Blog posts Feature

XSS vulnerability in Blog posts feature to baserCMS. Target: baserCMS 5.1.1 and earlier versions. Vulnerability: Malicious code may be executed in Blog posts feature. Countermeasures: Update to the latest version of baserCMS. Please refer to the following page to reference for more information...

CVSS: 6.3 | AI score: 6.3 | EPSS: 0.00303
Exploits: 0 | References: 4 | Affected Software: 1

OSV
added 2024/10/24 5:45 p.m., 9 views

GHSA-66JV-QRM3-VVFG baserCMS has a Cross-site Scripting (XSS) Vulnerability in Blog posts Feature

XSS vulnerability in Blog posts feature to baserCMS. Target: baserCMS 5.1.1 and earlier versions. Vulnerability: Malicious code may be executed in Blog posts feature. Countermeasures: Update to the latest version of baserCMS. Please refer to the following page to reference for more information...

CVSS: 6.3 | AI score: 6 | EPSS: 0.00303
Exploits: 0 | References: 4

Github Security Blog
added 2024/10/24 5:43 p.m., 15 views

baserCMS has a Cross-site Scripting (XSS) Vulnerability in Blog posts and Contents list Feature

XSS vulnerability in Blog posts and Contents list Feature to baserCMS. Target: baserCMS 5.1.1 and earlier versions. Vulnerability: Malicious code may be executed in Blog posts and Contents list feature. Countermeasures: Update to the latest version of baserCMS. Please refer to the following page to...

CVSS: 5.4 | AI score: 6.3 | EPSS: 0.0028
Exploits: 0 | References: 4 | Affected Software: 1

OSV
added 2024/10/24 5:43 p.m., 8 views

GHSA-WRJC-FMFQ-W3JR baserCMS has a Cross-site Scripting (XSS) Vulnerability in Blog posts and Contents list Feature

XSS vulnerability in Blog posts and Contents list Feature to baserCMS. Target: baserCMS 5.1.1 and earlier versions. Vulnerability: Malicious code may be executed in Blog posts and Contents list feature. Countermeasures: Update to the latest version of baserCMS. Please refer to the following page to...

CVSS: 5.4 | AI score: 5.6 | EPSS: 0.0028
Exploits: 0 | References: 4

Patchstack
added 2024/10/24 10:33 a.m., 5 views

WordPress Kodex Posts likes plugin <= 2.5.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting (XSS) vulnerability discovered by theviper17 (Patchstack Alliance) in WordPress Plugin Kodex Posts likes versions <= 2.5.0...

CVSS: 6.5 | AI score: 6.1 | EPSS: 0.00251
Exploits: 0 | Affected Software: 1

OSV
added 2024/10/24 9:15 a.m., 5 views

CVE-2024-10050

The Elementor Header & Footer Builder plugin for WordPress is vulnerable to Information Disclosure in all versions up to, and including, 1.6.43 via the hfetemplate shortcode. This makes it possible for authenticated attackers, with Contributor-level access and above, to view the contents of Draft...

CVSS: 4.3 | AI score: 5.8 | EPSS: 0.00471
Exploits: 0 | References: 3

NVD
added 2024/10/24 9:15 a.m., 17 views

CVE-2024-10050

The Elementor Header & Footer Builder plugin for WordPress is vulnerable to Information Disclosure in all versions up to, and including, 1.6.43 via the hfetemplate shortcode. This makes it possible for authenticated attackers, with Contributor-level access and above, to view the contents of Draft...

CVSS: 4.3 | EPSS: 0.00471
Exploits: 0 | References: 3

Positive Technologies
added 2024/10/24 12:00 a.m., 5 views

PT-2024-15998 · Elementor · Elementor Header & Footer Builder

Name of the Vulnerable Software and Affected Versions: Elementor Header & Footer Builder plugin for WordPress versions up to, and including, 1.6.43
Description: The issue allows authenticated attackers with Contributor-level access and above to view the contents of Draft, Private, and...

CVSS: 4.3 | AI score: 6.6 | EPSS: 0.00471
Exploits: 0 | References: 7

Positive Technologies
added 2024/10/24 12:00 a.m., 5 views

PT-2024-32328 · Basercms · Basercms

Name of the Vulnerable Software and Affected Versions: baserCMS versions prior to 5.1.2
Description: The issue is a cross-site scripting vulnerability in the Blog posts feature of baserCMS, a website development framework. This vulnerability allows malicious code to be executed in the Blog posts...

CVSS: 6.3 | AI score: 6.5 | EPSS: 0.00303
Exploits: 0 | References: 8

Patchstack
added 2024/10/24 12:00 a.m., 9 views

WordPress Kodex Posts likes Plugin <= 2.5.0 is vulnerable to Cross Site Scripting (XSS)

Software: Kodex Posts likes
Type: Plugin
Vulnerable versions: <= 2.5.0
Fixed in: N/A
OWASP Top 10: A3: Injection
Classification: Cross Site Scripting (XSS)
CVE: CVE-2024-50464
Patch priority: Low
CVSS severity: Low (6.5)
Developer: Claim ownership
PSID: 4d40ba7a06f0
Credits: theviper17
Required privilege...

CVSS: 6.5 | AI score: 6.5 | EPSS: 0.00251
Exploits: 0 | References: 1 | Affected Software: 1

Circl
added 2024/10/22 12:00 p.m., 27 views

CVE-2024-7587

creationtimestamp | type | source
---|---|---
2024-10-22 12:00:00+00:00 | seen | https://www.cisa.gov/news-events/ics-advisories/icsa-24-296-01
2024-10-23 02:20:16+00:00 | seen | https://t.me/cvedetector/8670
2024-10-31 18:39:00+00:00 | seen | https://t.me/icscert/939
2025-03-11 11:30:05+00:00 | seen | ...

CVSS: 7.8 | AI score: 8 | EPSS: 0.00193
Exploits: 0 | References: 8

Circl
added 2024/10/22 12:24 a.m., 12 views

CVE-2024-35286

creationtimestamp | type | source
---|---|---
2024-10-22 00:24:20+00:00 | seen | https://t.me/cvedetector/8577
2024-12-05 14:44:20+00:00 | published-proof-of-concept | https://t.me/thebugbountyhunter/9404
2024-12-05 16:34:02+00:00 | seen | ...

CVSS: 9.8 | AI score: 7.5 | EPSS: 0.65559
Exploits: 0 | References: 15

OSV
added 2024/10/20 11:15 a.m., 7 views

CVE-2024-49628

Cross-Site Request Forgery (CSRF) vulnerability in WhileTrue Most And Least Read Posts Widget allows Cross Site Request Forgery. This issue affects Most And Least Read Posts Widget: from n/a through 2.5.18...

CVSS: 8.8 | AI score: 5.8 | EPSS: 0.00195
Exploits: 0 | References: 1

NVD
added 2024/10/20 11:15 a.m., 20 views

CVE-2024-49628

Cross-Site Request Forgery (CSRF) vulnerability in whiletrue Most And Least Read Posts Widget (most-and-least-read-posts-widget) allows Cross Site Request Forgery. This issue affects Most And Least Read Posts Widget: from n/a through <= 2.5.18...

CVSS: 8.8 | EPSS: 0.00195
Exploits: 0 | References: 1

NVD
added 2024/10/20 10:15 a.m., 18 views

CVE-2024-49629

Cross-Site Request Forgery (CSRF) vulnerability in Fahad Mahmood Endless Posts Navigation (endless-posts-navigation) allows Stored XSS. This issue affects Endless Posts Navigation: from n/a through <= 2.2.7...

CVSS: 7.1 | EPSS: 0.00158
Exploits: 0 | References: 1

OSV
added 2024/10/20 10:15 a.m., 8 views

CVE-2024-49629

Cross-Site Request Forgery (CSRF) vulnerability in Fahad Mahmood Endless Posts Navigation allows Stored XSS. This issue affects Endless Posts Navigation: from n/a through 2.2.7...

CVSS: 6.1 | AI score: 5.8 | EPSS: 0.00158
Exploits: 0 | References: 1

CVE
added 2024/10/20 10:10 a.m., 51 views

CVE-2024-49628

CVE-2024-49628 is a CSRF vulnerability in the WordPress plugin Most And Least Read Posts Widget (WhileTrue) affecting versions 2.5.18 and earlier. Unauthenticated attackers could exploit CSRF to perform unintended actions. The issue is fixed in version 2.5.19; update the plugin to 2.5.19 or later...

CVSS: 8.8 | AI score: 5.9 | EPSS: 0.00195
Exploits: 0 | References: 1 | Affected Software: 1