Lucene search
K

137 matches found

Patchstack
Patchstack
added 2024/11/04 8:56 p.m.6 views

WordPress Seriously Simple Podcasting plugin <= 3.5.0 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by Webbernaut in WordPress Plugin Seriously Simple Podcasting versions = 3.5.0...

6.1CVSS6.3AI score0.0039EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/11/04 12:0 a.m.13 views

WordPress Seriously Simple Podcasting Plugin <= 3.5.0 is vulnerable to Cross Site Scripting (XSS)

Software Seriously Simple Podcasting Type Plugin Vulnerable versions = 3.5.0 Fixed in 3.6.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-9667 Patch priority Medium CVSS severity Medium 7.1 Developer Castos PSID 0de852fa37f5 Credits Webbernaut...

6.1CVSS5.7AI score0.0039EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2024/09/24 2:15 a.m.3 views

CVE-2024-8738

The Seriously Simple Stats plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 1.6.0. This makes it possible for unauthenticated attackers to inject arbitrary web scripts i...

6.1CVSS5.9AI score0.00444EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/09/24 1:56 a.m.9 views

CVE-2024-8738 Seriously Simple Stats <= 1.6.0 - Reflected Cross-Site Scripting

The Seriously Simple Stats plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 1.6.0. This makes it possible for unauthenticated attackers to inject arbitrary web scripts i...

6.1CVSS6.4AI score0.00444EPSS
Exploits0References3
Patchstack
Patchstack
added 2024/09/24 12:54 a.m.4 views

WordPress Seriously Simple Stats plugin <= 1.6.0 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by vgo0 in WordPress Plugin Seriously Simple Stats versions = 1.6.0...

6.1CVSS6.3AI score0.00444EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/09/24 12:0 a.m.14 views

WordPress Seriously Simple Stats Plugin <= 1.6.0 is vulnerable to Cross Site Scripting (XSS)

Software Seriously Simple Stats Type Plugin Vulnerable versions = 1.6.0 Fixed in 1.7.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-8738 Patch priority Medium CVSS severity Medium 7.1 Developer Castos PSID f8f850e73781 Credits vgo0 Required...

6.1CVSS5.7AI score0.00444EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2024/09/23 12:0 a.m.3 views

WordPress plugin Seriously Simple Stats 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerability...

6.1CVSS5.8AI score0.00444EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2024/09/23 12:0 a.m.8 views

PT-2024-39215 · WordPress · Seriously Simple Stats

Name of the Vulnerable Software and Affected Versions: Seriously Simple Stats plugin for WordPress versions up to, and including, 1.6.0 Description: The issue arises from the use of add query arg without proper escaping on the URL, allowing unauthenticated attackers to inject arbitrary web script...

6.1CVSS7.3AI score0.00444EPSS
Exploits0References7
Patchstack
Patchstack
added 2024/07/15 2:26 a.m.5 views

WordPress Seriously Simple Podcasting plugin < 3.3.0 - Admin+ Stored XSS vulnerability

Admin+ Stored XSS vulnerability discovered by Thanh Hang in WordPress Plugin Seriously Simple Podcasting versions 3.3.0...

4.8CVSS6.1AI score0.00455EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2024/07/15 12:0 a.m.12 views

WordPress Seriously Simple Podcasting Plugin < 3.3.0 is vulnerable to Cross Site Scripting (XSS)

Software Seriously Simple Podcasting Type Plugin Vulnerable versions 3.3.0 Fixed in 3.3.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-3751 Patch priority Low CVSS severity Low 5.9 Developer Castos PSID a88cd16d6fc7 Credits Thanh Hang Required...

4.8CVSS6AI score0.00455EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2024/07/13 6:0 a.m.33 views

CVE-2024-3751 Seriously Simple Podcasting < 3.3.0 - Admin+ Stored XSS

The Seriously Simple Podcasting WordPress plugin before 3.3.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

0.00455EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2024/07/13 12:0 a.m.7 views

PT-2024-27615 · WordPress · Seriously Simple Podcasting

Name of the Vulnerable Software and Affected Versions: Seriously Simple Podcasting WordPress plugin versions prior to 3.3.0 Description: The issue allows high privilege users, such as admins, to perform Stored Cross-Site Scripting attacks. This can occur even when the unfiltered html capability i...

4.8CVSS6AI score0.00455EPSS
Exploits1References5
CNNVD
CNNVD
added 2024/07/13 12:0 a.m.4 views

WordPress plugin Seriously Simple Podcasting security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability in th...

4.8CVSS6AI score0.00455EPSS
Exploits1References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/06/25 1:0 p.m.3 views

Malicious code in seriously-simple-podcasting (npm)

--- -= Per source details. Do not edit below this line.=-...

7AI score
Exploits0
OSV
OSV
added 2024/06/25 1:0 p.m.3 views

MAL-2024-3003 Malicious code in seriously-simple-podcasting (npm)

--- -= Per source details. Do not edit below this line.=-...

7.1AI score
Exploits0
NVD
NVD
added 2024/03/28 7:15 a.m.32 views

CVE-2024-25599

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Craig Hewitt Seriously Simple Podcasting seriously-simple-podcasting.This issue affects Seriously Simple Podcasting: from n/a through = 3.0.2...

7.1CVSS6.9AI score0.00426EPSS
Exploits0References2
CVE
CVE
added 2024/03/28 6:52 a.m.68 views

CVE-2024-25599

Technical details about CVE-2024-25599 are not provided in the connected documents. Please monitor for updates from vendors/security advisories.

7.1CVSS7.2AI score0.00426EPSS
Exploits0References2Affected Software1
VulnCheck KEV
VulnCheck KEV
added 2024/03/26 12:0 a.m.5 views

VulnCheck KEV: CVE-2024-25599

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Craig Hewitt Seriously Simple Podcasting seriously-simple-podcasting.This issue affects Seriously Simple Podcasting: from n/a through = 3.0.2...

6.1CVSS7.3AI score0.00426EPSS
Exploits0References1
CVE
CVE
added 2024/03/11 5:56 p.m.90 views

CVE-2023-6444

Seriously Simple Podcasting WordPress plugin versions prior to 3.0.0 disclose the Podcast owner's email via an unauthenticated crafted request. Impact: unauthorized disclosure of administrator email addresses; remediation: upgrade to version 3.0.0 or later.

5.3CVSS5.3AI score0.02463EPSS
Exploits3References1Affected Software1
CNNVD
CNNVD
added 2024/03/11 12:0 a.m.4 views

WordPress Plugin Seriously Simple Podcasting Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

5.3CVSS6.7AI score0.02463EPSS
Exploits3References2
Rows per page
Query Builder