CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

249 matches found

CVE•added 2021/06/07 10:49 a.m.•43 views

CVE-2021-24344

The CVE-2021-24344 entry concerns the Easy Preloader WordPress plugin up to version 1.0.0. The root cause is a failure to sanitize the plugin’s settings fields, which enables authenticated (admin+) Stored Cross-Site Scripting (XSS). Affected component is the plugin’s settings handling (no additio...

4.8CVSS4.9AI score0.00445EPSS

Exploits1References1Affected Software1

CNNVD•added 2021/06/07 12:0 a.m.•3 views

WordPress 插件跨站脚本漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports PHP and MySQL servers to set up a personal blog site.WordPress Plugin is a WordPress open source application plugin . A cross-site scripting vulnerability exists in Easy...

4.8CVSS5.2AI score0.00445EPSS

Exploits1References1

Patchstack•added 2021/05/27 12:0 a.m.•17 views

WordPress Easy Preloader plugin <= 1.0.0 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Kishore Hariram in WordPress Easy Preloader plugin versions = 1.0.0. Solution This plugin has been closed as of May 4, 2021 and is not available for download. This closure is temporary, pending a full review...

4.8CVSS1.3AI score0.00445EPSS

Exploits1References3Affected Software1

WPVulnDB•added 2021/05/24 12:0 a.m.•14 views

Easy Preloader <= 1.0.0 - Authenticated Stored Cross-Site Scripting (XSS)

The plugin does not sanitise its setting fields, leading to authenticated admin+ Stored Cross-Site scripting issues PoC Step 1: Install the plugin "Easy Preloader" Step 2: Enter the payload below in the text field "Choose overlay color" or any other text fields in the plugin's settings...

4.8CVSS1.2AI score0.00445EPSS

Exploits1Affected Software1

wpexploit•added 2021/05/24 12:0 a.m.•155 views

Easy Preloader <= 1.0.0 - Authenticated Stored Cross-Site Scripting (XSS)

The plugin does not sanitise its setting fields, leading to authenticated admin+ Stored Cross-Site scripting issues Step 1: Install the plugin "Easy Preloader" Step 2: Enter the payload below in the text field "Choose overlay color" or any other text fields in the plugin's settings...

4.8CVSS0.5AI score0.00445EPSS

Exploits1

securityvulns•added 2013/07/10 12:0 a.m.•161 views

VUPEN Security Research - Oracle Java Preloader Click-2-Play Warning Bypass Vulnerability

VUPEN Security Research - Oracle Java Applet Preloader Click-2-Play Warning Bypass Vulnerability Website : http://www.vupen.com Twitter : http://twitter.com/vupen I. BACKGROUND --------------------- "Java is the foundation for virtually every type of networked application and is the global standa...

0.6AI score

Exploits0

CVE•added 2000/01/04 5:0 a.m.•48 views

CVE-1999-0917

The CVE-1999-0917 issue concerns the Preloader ActiveX control used by Internet Explorer. The vulnerability allows remote attackers to read arbitrary files via this ActiveX component. The affected target is the Preloader ActiveX control in IE, with a potential impact to confidentiality (partial) ...

5.1CVSS7.1AI score0.06586EPSS

Exploits0References2Affected Software1