Lucene search
K

16 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-46060

Malicious code in bioql PyPI...

5.9CVSS8.6AI score0.00274EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 10:44 a.m.5 views

CVE-2024-52491

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Sanil Shakya Sticky Social Icons sticky-social-icons allows Stored XSS.This issue affects Sticky Social Icons: from n/a through = 1.2.1...

5.9CVSS7.2AI score0.00274EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 8:18 a.m.5 views

CVE-2024-10551

The Sticky Social Icons WordPress plugin through 1.2.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

4.8CVSS5.3AI score0.00303EPSS
Exploits1References1
NVD
NVD
added 2024/12/06 6:15 a.m.18 views

CVE-2024-10551

The Sticky Social Icons WordPress plugin through 1.2.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

4.8CVSS0.00303EPSS
Exploits1References1
OSV
OSV
added 2024/12/06 6:15 a.m.4 views

CVE-2024-10551

The Sticky Social Icons WordPress plugin through 1.2.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

4.8CVSS5.8AI score0.00303EPSS
Exploits1References1
CVE
CVE
added 2024/12/06 6:0 a.m.57 views

CVE-2024-10551

The CVE-2024-10551 entry concerns the WordPress plugin Sticky Social Icons up to version 1.2.1. The description states that the plugin does not sanitize and escape certain settings, which could allow high-privilege users (such as admins) to perform Stored Cross-Site Scripting attacks even when un...

4.8CVSS5.4AI score0.00303EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2024/12/06 6:0 a.m.25 views

CVE-2024-10551 Sticky Social Icons <= 1.2.1 - Admin+ Stored XSS

The Sticky Social Icons WordPress plugin through 1.2.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

0.00303EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2024/12/06 6:0 a.m.14 views

CVE-2024-10551 Sticky Social Icons <= 1.2.1 - Admin+ Stored XSS

The Sticky Social Icons WordPress plugin through 1.2.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.7AI score0.00303EPSS
Exploits1References1
CNNVD
CNNVD
added 2024/12/06 12:0 a.m.4 views

WordPress plugin Sticky Social Icons 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

4.8CVSS6AI score0.00303EPSS
Exploits1References1
NVD
NVD
added 2024/12/02 2:15 p.m.9 views

CVE-2024-52491

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Sanil Shakya Sticky Social Icons sticky-social-icons allows Stored XSS.This issue affects Sticky Social Icons: from n/a through = 1.2.1...

5.9CVSS0.00274EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/12/02 1:48 p.m.18 views

CVE-2024-52491 WordPress Sticky Social Icons plugin <= 1.2.1 - Stored Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Sanil Shakya Sticky Social Icons sticky-social-icons allows Stored XSS.This issue affects Sticky Social Icons: from n/a through = 1.2.1...

5.9CVSS0.00274EPSS
Exploits0References1
CVE
CVE
added 2024/12/02 1:48 p.m.41 views

CVE-2024-52491

CVE-2024-52491 is a Stored XSS in WordPress Sticky Social Icons plugin (versions &lt;= 1.2.1) due to improper input neutralization during web page generation. Affected software: Sticky Social Icons plugin for WordPress (

5.9CVSS7.2AI score0.00274EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/12/02 12:0 a.m.39 views

PT-2024-35332 · Unknown · Sanil Shakya Sticky Social Icons

Name of the Vulnerable Software and Affected Versions: Sanil Shakya Sticky Social Icons versions 1.2.1 and earlier Description: The issue is related to improper neutralization of input during web page generation, also known as 'Cross-site Scripting', which allows stored XSS. Recommendations: For...

5.9CVSS9.3AI score0.00274EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/12/02 12:0 a.m.4 views

WordPress plugin Sticky Social Icons 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

5.9CVSS7.7AI score0.00274EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/11/20 9:31 a.m.4 views

WordPress Sticky Social Icons plugin <= 1.2.1 - Stored Cross Site Scripting (XSS) vulnerability

Stored Cross Site Scripting XSS vulnerability discovered by UKO Patchstack Alliance in WordPress Plugin Sticky Social Icons versions = 1.2.1...

5.9CVSS5.8AI score0.00274EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/11/20 12:0 a.m.9 views

WordPress Sticky Social Icons Plugin <= 1.2.1 is vulnerable to Cross Site Scripting (XSS)

Software Sticky Social Icons Type Plugin Vulnerable versions = 1.2.1 Fixed in N/A OWASP Top 10 A4: Insecure Design Classification Cross Site Scripting XSS CVE CVE-2024-52491 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 9579d1011a2c Credits UKO Required privilege...

6.2AI score0.00274EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder