Lucene search
K

52 matches found

OSV
OSV
added 2022/07/22 5:15 p.m.4 views

CVE-2022-34853

Multiple Authenticated contributor or higher user role Persistent Cross-Site Scripting XSS vulnerabilities in wpWax Team plugin = 1.2.6 at WordPress...

5.4CVSS5.8AI score0.00457EPSS
Exploits0References2
OSV
OSV
added 2022/07/22 5:15 p.m.6 views

CVE-2022-34650

Multiple Authenticated contributor or higher user role Stored Cross-Site Scripting XSS vulnerabilities in wpWax Team plugin = 1.2.6 at WordPress...

5.4CVSS5.8AI score0.00457EPSS
Exploits0References2
NVD
NVD
added 2022/07/22 5:15 p.m.26 views

CVE-2022-34650

Multiple Authenticated contributor or higher user role Stored Cross-Site Scripting XSS vulnerabilities in wpWax Team plugin = 1.2.6 at WordPress...

5.4CVSS0.00457EPSS
Exploits0References2
Cvelist
Cvelist
added 2022/07/22 4:51 p.m.24 views

CVE-2022-34650 WordPress Team plugin <= 1.2.6 - Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities

Multiple Authenticated contributor or higher user role Stored Cross-Site Scripting XSS vulnerabilities in wpWax Team plugin = 1.2.6 at WordPress...

4.1CVSS5.6AI score0.00457EPSS
Exploits0References2
CVE
CVE
added 2022/07/22 4:49 p.m.71 views

CVE-2022-34853

CVE-2022-34853 affects the WordPress plugin wpWax Team (≤ 1.2.6). The vulnerability is a persistent XSS that requires authentication from a contributor or higher user role; it arises from inadequate sanitisation/escaping of user-supplied data in the plugin. Impact is client-side script execution;...

5.4CVSS5AI score0.00457EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2022/07/20 12:0 a.m.30 views

WordPress Team plugin <= 1.2.6 - Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities

Multiple Authenticated Stored Cross-Site Scripting XSS vulnerabilities were discovered by Ngo Van Thien Patchstack Alliance in the WordPress Team plugin versions = 1.2.6. Solution Deactivate and delete. This plugin has been closed as of May 3, 2022 and is not available for download. Reason:...

5.4CVSS3.4AI score0.00457EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2022/07/20 12:0 a.m.21 views

WordPress Team plugin <= 1.2.6 - Multiple Authenticated Persistent Cross-Site Scripting (XSS) vulnerabilities

Multiple Authenticated Persistent Cross-Site Scripting XSS vulnerabilities were discovered by m0ze Patchstack in the WordPress Team plugin versions = 1.2.6. Solution Deactivate and delete. This plugin has been closed as of May 3, 2022 and is not available for download. Reason: Licensing/Trademark...

5.4CVSS3.2AI score0.00457EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2022/02/28 12:0 a.m.17 views

WordPress Ant Admin Notices for Team plugin <= 1.0.4 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress Ant Admin Notices for Team plugin versions = 1.0.4. Solution No patched version available...

2.6AI score
Exploits0References2Affected Software1
Prion
Prion
added 2016/01/12 7:59 p.m.13 views

Path traversal

Absolute path traversal vulnerability in include/user/download.php in the Swim Team plugin 1.44.10777 for WordPress allows remote attackers to read arbitrary files via a full pathname in the file parameter...

5CVSS7.2AI score0.32714EPSS
Exploits2References6Affected Software1
Cvelist
Cvelist
added 2016/01/12 7:0 p.m.21 views

CVE-2015-5471

Absolute path traversal vulnerability in include/user/download.php in the Swim Team plugin 1.44.10777 for WordPress allows remote attackers to read arbitrary files via a full pathname in the file parameter...

5.7AI score0.32714EPSS
Exploits2References6
CVE
CVE
added 2016/01/12 7:0 p.m.69 views

CVE-2015-5471

CVE-2015-5471 affects WordPress Swim Team plugin

5.3CVSS5.6AI score0.32714EPSS
In wildExploits2References6Affected Software1
CNVD
CNVD
added 2015/07/14 12:0 a.m.5 views

WordPress Swim Team Plugin Arbitrary File Download Vulnerability

WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, which supports personal blog sites set up on servers with PHP and MySQL. Swim Team aka, wp-SwimTeam is one of the plug-ins for the Swim Team management system. An arbitrary file download...

5.3CVSS6.9AI score0.32714EPSS
Exploits2References1
Rows per page
Query Builder