Lucene search
K

13 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2025-11322

Malicious code in bioql PyPI...

7.1CVSS7.7AI score0.00173EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/04/25 4:0 p.m.4 views

CVE-2025-39530

Cross-Site Request Forgery CSRF vulnerability in dsky Site Search 360 site-search-360 allows Stored XSS.This issue affects Site Search 360: from n/a through = 2.1.8...

7.1CVSS7.2AI score0.00173EPSS
Exploits0References1
NVD
NVD
added 2025/04/16 1:15 p.m.4 views

CVE-2025-39530

Cross-Site Request Forgery CSRF vulnerability in dsky Site Search 360 site-search-360 allows Stored XSS.This issue affects Site Search 360: from n/a through = 2.1.8...

7.1CVSS0.00173EPSS
Exploits0References1
CVE
CVE
added 2025/04/16 12:45 p.m.51 views

CVE-2025-39530

CVE-2025-39530 refers to a CSRF-to-Stored-XSS vulnerability in the WordPress plugin “Site Search 360” (WordPress Site Search 360) affecting versions up to 2.1.7. The NVD entry and Red Hat advisory describe cross-site request forgery that enables stored XSS with a CVSS v3.1 base score of 7.1 (HIGH...

7.1CVSS7.2AI score0.00173EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/04/16 12:45 p.m.16 views

CVE-2025-39530 WordPress Site Search 360 plugin <= 2.1.8 - Cross Site Request Forgery (CSRF) to stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in dsky Site Search 360 site-search-360 allows Stored XSS.This issue affects Site Search 360: from n/a through = 2.1.8...

7.1CVSS0.00173EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/04/16 12:45 p.m.5 views

CVE-2025-39530 WordPress Site Search 360 plugin <= 2.1.7 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in dsky Site Search 360 allows Stored XSS. This issue affects Site Search 360: from n/a through 2.1.7...

7.1CVSS7AI score0.00173EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/04/16 12:0 a.m.4 views

WordPress plugin Site Search 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...

7.1CVSS7.3AI score0.00173EPSS
Exploits0References1
OSV
OSV
added 2025/02/01 4:15 a.m.4 views

CVE-2024-11780

The Site Search 360 plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'ss360-resultblock' shortcode in all versions up to, and including, 2.1.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

5.4CVSS7.4AI score0.00237EPSS
Exploits0References2
NVD
NVD
added 2025/02/01 4:15 a.m.15 views

CVE-2024-11780

The Site Search 360 plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'ss360-resultblock' shortcode in all versions up to, and including, 2.1.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

6.4CVSS0.00237EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/02/01 3:21 a.m.16 views

CVE-2024-11780 Site Search 360 <= 2.1.6 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Site Search 360 plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'ss360-resultblock' shortcode in all versions up to, and including, 2.1.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

6.4CVSS0.00237EPSS
Exploits0References2
CVE
CVE
added 2025/02/01 3:21 a.m.42 views

CVE-2024-11780

CVE-2024-11780 : Site Search 360 for WordPress is affected by a Stored Cross‑Site Scripting vulnerability in all versions up to 2.1.6 via the ss360-resultblock shortcode, caused by insufficient input sanitization and output escaping. Exploitation requires authentication at contributor level or hi...

6.4CVSS5.7AI score0.00237EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2025/02/01 3:21 a.m.5 views

CVE-2024-11780 Site Search 360 <= 2.1.6 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Site Search 360 plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'ss360-resultblock' shortcode in all versions up to, and including, 2.1.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

6.4CVSS5.8AI score0.00237EPSS
Exploits0References2
Patchstack
Patchstack
added 2025/01/31 11:6 p.m.2 views

WordPress Site Search 360 plugin <= 2.1.6 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by zaim in WordPress Plugin Site Search 360 versions = 2.1.6...

6.4CVSS5.7AI score0.00237EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder