Lucene search
+L

323 matches found

cnnvd
cnnvd
added 2025/03/27 12:0 a.m.3 views

WordPress plugin Cazamba 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site reques...

7.1CVSS8.3AI score0.00131EPSS
Exploits0References1
cnnvd
cnnvd
added 2025/03/20 12:0 a.m.4 views

WordPress plugin SpotBot 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

7.1CVSS7.6AI score0.00263EPSS
Exploits1References1
cnnvd
cnnvd
added 2025/03/05 12:0 a.m.3 views

WordPress plugin Razorpay Subscription Button Elementor Plugin 跨站脚本漏洞

WordPress and the WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exist...

6.1CVSS8.2AI score0.00304EPSS
Exploits0References4
cnnvd
cnnvd
added 2025/03/03 12:0 a.m.5 views

WordPress plugin NotFound Essay Wizard (wpCRES) 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

7.1CVSS5.9AI score0.00278EPSS
Exploits0References2
cnnvd
cnnvd
added 2025/03/03 12:0 a.m.2 views

WordPress plugin First Comment Redirect 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists i...

7.1CVSS5.8AI score0.00363EPSS
Exploits0References3
cnnvd
cnnvd
added 2025/03/03 12:0 a.m.2 views

WordPress plugin WP Easy Post Mailer 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripti...

7.1CVSS7.7AI score0.00363EPSS
Exploits0References2
redhatcve
redhatcve
added 2025/02/05 11:7 p.m.10 views

CVE-2022-1682

Reflected Xss using url based payload in GitHub repository neorazorx/facturascripts prior to 2022.07. Xss can use to steal user's cookies which lead to Account takeover or do any malicious activity in victim's browser...

9.4CVSS6.7AI score0.00724EPSS
Exploits1References1
redhatcve
redhatcve
added 2025/02/05 8:4 a.m.15 views

CVE-2024-29923

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PropertyHive allows Reflected XSS.This issue affects PropertyHive: from n/a through 2.0.8...

7.1CVSS8.6AI score0.00397EPSS
Exploits0References1
cnnvd
cnnvd
added 2025/01/30 12:0 a.m.4 views

WordPress plugin StageShow 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin StageShow...

6.1CVSS8.2AI score0.00337EPSS
Exploits0References2
cnnvd
cnnvd
added 2025/01/26 12:0 a.m.3 views

WordPress plugin Quiz Maker Business, Developer, and Agency 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in...

6.1CVSS7.8AI score0.00307EPSS
Exploits0References3
cnnvd
cnnvd
added 2025/01/17 12:0 a.m.5 views

ETIC Telecom Remote Access Server 跨站脚本漏洞

ETIC Telecom Remote Access Server is a remote maintenance solution from the French company ETIC Telecom. It is designed to enable manufacturers to remotely maintain automated equipment. A cross-site scripting vulnerability exists in ETIC Telecom Remote Access Server versions prior to 4.5.0, which...

6.1CVSS5.7AI score0.00224EPSS
Exploits0References2
cvelist
cvelist
added 2025/01/10 3:29 p.m.57 views

CVE-2025-22599 WeGIA has a Cross-Site Scripting (XSS) Reflected endpoint `home.php` parameter `msg_c`

WeGIA is a web manager for charitable institutions. A Reflected Cross-Site Scripting XSS vulnerability was identified in the home.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts in the msgc parameter. This vulnerability is fixed in 3.2.8...

6.4CVSS0.004EPSS
Exploits1References1
cnnvd
cnnvd
added 2025/01/10 12:0 a.m.3 views

WeGIA 跨站脚本漏洞

WeGIA is a web manager for welfare organizations by the individual developer Nilson Lazarin. A cross-site scripting vulnerability exists in WeGIA versions prior to 3.2.8, which stems from the presence of a Reflective Cross-Site Scripting XSS vulnerability that allows an attacker to inject malicio...

6.5CVSS5AI score0.004EPSS
Exploits1References1
cnnvd
cnnvd
added 2024/12/17 12:0 a.m.5 views

Liferay Portal和Liferay DXP 跨站脚本漏洞

Liferay Portal and Liferay DXP are both products of Liferay, Inc.Liferay Portal is a J2EE-based portal solution. The solution uses technologies such as EJB as well as JMS and can be used as a Web publishing and sharing workspace, enterprise collaboration platform, social network, etc. Liferay DXP...

6.1CVSS6AI score0.00326EPSS
Exploits0References1
cnnvd
cnnvd
added 2024/11/15 12:0 a.m.5 views

GLPI 跨站脚本漏洞

GLPI is an open source IT and asset management software from an individual developer. The software provides a full-featured IT resource management interface that you can use to build databases to fully manage IT computers, monitors, servers, printers, network devices, phones, and even toner and i...

6.5CVSS4.4AI score0.00333EPSS
Exploits0References1
cnnvd
cnnvd
added 2024/11/11 12:0 a.m.5 views

PHPGurukul Online Marriage Registration System 安全漏洞

PHPGurukul Online Marriage Registration System is a website builder from PHPGurukul that supports online marriage registration. A security vulnerability exists in PHPGurukul Online Marriage Registration System v1.0, which originates from a Reflective Cross-Site Scripting XSS vulnerability in the...

6.1CVSS6.4AI score0.00406EPSS
Exploits1References2
cnnvd
cnnvd
added 2024/10/10 12:0 a.m.7 views

WordPress plugin Maximum Products per User for WooCommerce 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation, a blogging platform developed in PHP. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site scripting vulnerability exists in the WordPress plugin Maximum...

6.1CVSS6AI score0.00349EPSS
Exploits0References4
cnnvd
cnnvd
added 2024/10/02 12:0 a.m.5 views

WordPress plugin Magazine Blocks 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerability...

6.1CVSS6.1AI score0.00364EPSS
Exploits0References4
cnnvd
cnnvd
added 2024/09/30 12:0 a.m.5 views

Metronic Admin Dashboard Template 安全漏洞

Metronic Admin Dashboard Template is a responsive website backend administration template from Metronic based on the Bootstrap framework. A security vulnerability exists in Metronic Admin Dashboard Template version v2.0, which stems from the presence of a Reflective Cross-Site Scripting XSS...

4.8CVSS6.1AI score0.00347EPSS
Exploits0References2
cve
cve
added 2024/06/22 5:0 a.m.53 views

CVE-2024-21517

CVE-2024-21517 affects opencart/opencart (version 4.0.0.0 and related builds). The issue is a reflected cross-site scripting (XSS) vulnerability in the redirect parameter of the customer account/login route, enabling an attacker to inject arbitrary HTML/JavaScript into the response. Impact is tar...

6.1CVSS4.5AI score0.00391EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder