Lucene search
K

8 matches found

euvd
euvd
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-34056

Malicious code in bioql PyPI...

6.1CVSS8.7AI score0.00352EPSS
Exploits0References2
redhatcve
redhatcve
added 2025/05/23 6:50 a.m.7 views

CVE-2024-11367

The Smoove connector for Elementor forms plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 4.1.0. This makes it possible for unauthenticated attackers to inject arbitrary...

6.1CVSS6.4AI score0.00352EPSS
Exploits0References1
nvd
nvd
added 2024/12/07 10:15 a.m.15 views

CVE-2024-11367

The Smoove connector for Elementor forms plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 4.1.0. This makes it possible for unauthenticated attackers to inject arbitrary...

6.1CVSS0.00352EPSS
Exploits0References3
cve
cve
added 2024/12/07 9:27 a.m.82 views

CVE-2024-11367

CVE-2024-11367 : The Smoove connector for Elementor forms (WordPress) suffers a reflected XSS due to unescaped add_query_arg usage in URLs for all versions up to 4.1.0. Exploitation requires user interaction (tricking a user into clicking a link), with unauthenticated attackers capable of injecti...

6.1CVSS6.1AI score0.00352EPSS
Exploits0References3
vulnrichment
vulnrichment
added 2024/12/07 9:27 a.m.28 views

CVE-2024-11367 Smoove connector for Elementor forms <= 4.1.0 - Reflected Cross-Site Scripting

The Smoove connector for Elementor forms plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 4.1.0. This makes it possible for unauthenticated attackers to inject arbitrary...

6.1CVSS6.4AI score0.00352EPSS
Exploits0References2
cvelist
cvelist
added 2024/12/07 9:27 a.m.21 views

CVE-2024-11367 Smoove connector for Elementor forms <= 4.1.0 - Reflected Cross-Site Scripting

The Smoove connector for Elementor forms plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 4.1.0. This makes it possible for unauthenticated attackers to inject arbitrary...

6.1CVSS0.00352EPSS
Exploits0References3
cnnvd
cnnvd
added 2024/12/07 12:0 a.m.4 views

WordPress plugin Smoove connector for Elementor forms 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site scripting vulnerability exists in...

6.1CVSS7.6AI score0.00352EPSS
Exploits0References2
patchstack
patchstack
added 2024/12/06 10:16 p.m.8 views

WordPress Smoove connector for Elementor forms plugin <= 4.1.0 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by vgo0 in WordPress Plugin Smoove connector for Elementor forms versions = 4.1.0...

6.1CVSS6.3AI score0.00352EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder