Lucene search
K

302 matches found

Positive Technologies
Positive Technologies
added 2025/04/01 12:0 a.m.5 views

PT-2025-14399 · Unknown · Secure Copy Content Protection/Content Locking

Name of the Vulnerable Software and Affected Versions: Ays Pro Secure Copy Content Protection and Content Locking versions n/a through 4.4.3 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting. This allows for Stored...

7.1CVSS7AI score0.00366EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/04/01 12:0 a.m.4 views

WordPress plugin Secure Copy Content Protection and Content Locking 跨站脚本漏洞

WordPress and the WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site scripting vulnerability exists in...

7.1CVSS6.8AI score0.00366EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/03/01 11:22 a.m.6 views

CVE-2025-1404 Secure Copy Content Protection and Content Locking <= 4.4.7 - Missing Authorization to Unauthenticated User Email Retrieval via ays_sccp_reports_user_search Function

The Secure Copy Content Protection and Content Locking plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the ayssccpreportsusersearch function in all versions up to, and including, 4.4.7. This makes it possible for unauthenticated attackers to...

5.3CVSS5.1AI score0.00369EPSS
Exploits0References5
Cvelist
Cvelist
added 2025/03/01 11:22 a.m.16 views

CVE-2025-1404 Secure Copy Content Protection and Content Locking <= 4.4.7 - Missing Authorization to Unauthenticated User Email Retrieval via ays_sccp_reports_user_search Function

The Secure Copy Content Protection and Content Locking plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the ayssccpreportsusersearch function in all versions up to, and including, 4.4.7. This makes it possible for unauthenticated attackers to...

5.3CVSS0.00369EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2025/02/14 6:24 a.m.4 views

SUSE CVE-2023-34049

The Salt-SSH pre-flight option copies the script to the target at a predictable path, which allows an attacker to force Salt-SSH to run their script. If an attacker has access to the target VM and knows the path to the pre-flight script before it runs they can ensure Salt-SSH runs their script wi...

8.4CVSS7.2AI score0.00187EPSS
Exploits0References18
RedhatCVE
RedhatCVE
added 2025/02/05 8:19 a.m.8 views

CVE-2024-47306

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ays Pro Secure Copy Content Protection and Content Locking secure-copy-content-protection-subscribe-to-view allows Stored XSS.This issue affects Secure Copy Content Protection and Content Locking:...

7.1CVSS5.9AI score0.00292EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 1:24 a.m.9 views

CVE-2024-20449

A vulnerability in Cisco Nexus Dashboard Fabric Controller NDFC could allow an authenticated, remote attacker with low privileges to execute arbitrary code on an affected device. This vulnerability is due to improper path validation. An attacker could exploit this vulnerability by using the Secur...

8.8CVSS7.8AI score0.00944EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/01/15 12:0 a.m.5 views

Aginode GigaSwitch 安全漏洞

Aginode GigaSwitch is a LANactive support portal from Aginode. A security vulnerability exists in Aginode GigaSwitch version v5 that stems from the use of SCP commands to access sensitive information...

6.5CVSS6.5AI score0.00302EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/12/04 12:0 a.m.8 views

PT-2024-28393 · Aginode · Aginode Gigaswitch V5

Name of the Vulnerable Software and Affected Versions: Aginode GigaSwitch V5 versions prior to 7.06G Description: The issue allows authenticated attackers with Administrator privileges to upload an earlier firmware version, exposing the device to previously patched vulnerabilities. This can be do...

8.8CVSS7.2AI score0.00443EPSS
Exploits0References7
Cvelist
Cvelist
added 2024/10/06 11:33 a.m.22 views

CVE-2024-47306 WordPress Secure Copy Content Protection and Content Locking plugin <= 4.2.3 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ays Pro Secure Copy Content Protection and Content Locking secure-copy-content-protection-subscribe-to-view allows Stored XSS.This issue affects Secure Copy Content Protection and Content Locking:...

7.1CVSS0.00292EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/10/06 11:33 a.m.14 views

CVE-2024-47306 WordPress Secure Copy Content Protection and Content Locking plugin <= 4.2.3 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Copy Content Protection Team Secure Copy Content Protection and Content Locking allows Stored XSS.This issue affects Secure Copy Content Protection and Content Locking: from n/a through 4.2....

7.1CVSS6.7AI score0.00292EPSS
Exploits0References1
OSV
OSV
added 2024/10/02 5:15 p.m.0 views

CVE-2024-20449

A vulnerability in Cisco Nexus Dashboard Fabric Controller NDFC could allow an authenticated, remote attacker with low privileges to execute arbitrary code on an affected device. This vulnerability is due to improper path validation. An attacker could exploit this vulnerability by using the Secur...

8.8CVSS6.2AI score
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/10/02 4:54 p.m.12 views

CVE-2024-20449 Cisco Nexus Dashboard Fabric Controller Remote Code Execution Vulnerability

A vulnerability in Cisco Nexus Dashboard Fabric Controller NDFC could allow an authenticated, remote attacker with low privileges to execute arbitrary code on an affected device. This vulnerability is due to improper path validation. An attacker could exploit this vulnerability by using the Secur...

8.8CVSS7.8AI score0.00944EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/10/02 4:54 p.m.18 views

CVE-2024-20449 Cisco Nexus Dashboard Fabric Controller Remote Code Execution Vulnerability

A vulnerability in Cisco Nexus Dashboard Fabric Controller NDFC could allow an authenticated, remote attacker with low privileges to execute arbitrary code on an affected device. This vulnerability is due to improper path validation. An attacker could exploit this vulnerability by using the Secur...

8.8CVSS0.00944EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/10/02 12:0 a.m.8 views

PT-2024-8633 · Cisco · Cisco Nexus Dashboard Fabric Controller

Name of the Vulnerable Software and Affected Versions: Cisco Nexus Dashboard Fabric Controller NDFC affected versions not specified Description: The issue is related to improper path validation in the Cisco Nexus Dashboard Fabric Controller NDFC, which could allow an authenticated, remote attacke...

9CVSS7.9AI score0.00944EPSS
Exploits0References9
NVD
NVD
added 2024/09/04 6:15 a.m.15 views

CVE-2024-6888

The Secure Copy Content Protection and Content Locking WordPress plugin before 4.1.7 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for...

4.8CVSS0.00377EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2024/09/03 12:0 a.m.7 views

PT-2024-37929 · WordPress · Secure Copy Content Protection/Content Locking

Name of the Vulnerable Software and Affected Versions: Secure Copy Content Protection and Content Locking WordPress plugin versions prior to 4.1.7 Description: The issue is related to the Secure Copy Content Protection and Content Locking WordPress plugin, which does not properly sanitise and...

4.8CVSS5.9AI score0.00377EPSS
Exploits1References7
Patchstack
Patchstack
added 2024/07/11 9:51 a.m.5 views

WordPress Secure Copy Content Protection plugin < 4.0.9 - Admin+ Stored XSS vulnerability

Admin+ Stored XSS vulnerability discovered by Krugov Aryom in WordPress Plugin Secure Copy Content Protection and Content Locking versions 4.0.9...

6.5CVSS6.1AI score0.00371EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2024/07/11 6:15 a.m.16 views

CVE-2024-6138

The Secure Copy Content Protection and Content Locking WordPress plugin before 4.0.9 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for...

6.5CVSS0.00371EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/07/11 6:0 a.m.30 views

CVE-2024-6138 Secure Copy Content Protection < 4.0.9 - Admin+ Stored XSS

The Secure Copy Content Protection and Content Locking WordPress plugin before 4.0.9 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for...

0.00371EPSS
Exploits1References1
Rows per page
Query Builder