Lucene search
+L

284 matches found

OSV
OSV
added 2024/08/18 9:15 p.m.6 views

CVE-2024-43304

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Cool Plugins Cryptocurrency Widgets – Price Ticker & Coins List allows Reflected XSS.This issue affects Cryptocurrency Widgets – Price Ticker & Coins List: from n/a through 2.8.0...

6.1CVSS5.8AI score0.0029EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2024/08/18 9:15 p.m.5 views

CVE-2024-43304

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Cool Plugins Cryptocurrency Widgets – Price Ticker & Coins List allows Reflected XSS.This issue affects Cryptocurrency Widgets – Price Ticker & Coins List: from n/a through 2.8.0...

7.1CVSS5.2AI score0.0029EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/08/18 9:7 p.m.19 views

CVE-2024-43304 WordPress Cryptocurrency Widgets plugin <= 2.8.0 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Cool Plugins Cryptocurrency Widgets – Price Ticker & Coins List allows Reflected XSS.This issue affects Cryptocurrency Widgets – Price Ticker & Coins List: from n/a through 2.8.0...

7.1CVSS0.0029EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/08/18 12:0 a.m.7 views

WordPress plugin Cryptocurrency Widgets – Price Ticker & Coins List 跨站脚本漏洞

WordPress and the WordPress plugin are both products of the WordPress Foundation, a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site scripting vulnerability exists in WordPress plugi...

7.1CVSS6.1AI score0.0029EPSS
Exploits0References2
Patchstack
Patchstack
added 2024/08/16 11:48 a.m.5 views

WordPress Cryptocurrency Widgets plugin <= 2.8.0 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Trương Hữu Phúc Patchstack Alliance in WordPress Plugin Cryptocurrency Widgets – Price Ticker & Coins List versions = 2.8.0...

7.1CVSS6.1AI score0.0029EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/08/16 12:0 a.m.12 views

WordPress Cryptocurrency Widgets – Price Ticker & Coins List Plugin <= 2.8.0 is vulnerable to Cross Site Scripting (XSS)

Software Cryptocurrency Widgets – Price Ticker & Coins List Type Plugin Vulnerable versions = 2.8.0 Fixed in 2.8.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-43304 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID bdccb41579f9 Credi...

7.1CVSS6.6AI score0.0029EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/07/01 3:51 a.m.6 views

WordPress Stock Ticker plugin <= 3.24.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via stock_ticker Shortcode vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via stockticker Shortcode vulnerability discovered by Dale Mavers in WordPress Plugin Stock Ticker versions = 3.24.4...

6.4CVSS5.8AI score0.00325EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/07/01 12:0 a.m.12 views

WordPress Stock Ticker Plugin <= 3.24.4 is vulnerable to Cross Site Scripting (XSS)

Software Stock Ticker Type Plugin Vulnerable versions = 3.24.4 Fixed in 3.24.6 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-6363 Patch priority Low CVSS severity Low 6.5 Developer Aleksandar Urošević PSID b2196f70b406 Credits Dale Mavers Required...

6.4CVSS5.8AI score0.00325EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2024/06/29 7:15 a.m.35 views

CVE-2024-6363

The Stock Ticker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's stockticker shortcode in all versions up to, and including, 3.24.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

6.4CVSS0.00325EPSS
Exploits0References3
OSV
OSV
added 2024/06/29 7:15 a.m.6 views

CVE-2024-6363

The Stock Ticker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's stockticker shortcode in all versions up to, and including, 3.24.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

5.4CVSS6AI score0.00325EPSS
Exploits0References3
CVE
CVE
added 2024/06/29 7:5 a.m.50 views

CVE-2024-6363

CVE-2024-6363 applies to the WordPress Stock Ticker plugin. The vulnerability is a Stored Cross-Site Scripting flaw in the stock_ticker shortcode due to insufficient input sanitization and output escaping. It affects all versions up to and including 3.24.4. Exploitation requires authentication (C...

6.4CVSS5.5AI score0.00325EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2024/06/29 7:5 a.m.46 views

CVE-2024-6363 Stock Ticker <= 3.24.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via stock_ticker Shortcode

The Stock Ticker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's stockticker shortcode in all versions up to, and including, 3.24.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

6.4CVSS0.00325EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/06/29 7:5 a.m.22 views

CVE-2024-6363 Stock Ticker <= 3.24.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via stock_ticker Shortcode

The Stock Ticker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's stockticker shortcode in all versions up to, and including, 3.24.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

6.4CVSS5.9AI score0.00325EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/06/29 12:0 a.m.5 views

PT-2024-37568 · WordPress · Stock Ticker

Name of the Vulnerable Software and Affected Versions: Stock Ticker plugin for WordPress versions up to, and including, 3.24.4 Description: The issue is related to Stored Cross-Site Scripting via the stock ticker shortcode due to insufficient input sanitization and output escaping on user-supplie...

6.4CVSS6.2AI score0.00325EPSS
Exploits0References7
CNNVD
CNNVD
added 2024/06/29 12:0 a.m.17 views

WordPress plugin Stock Ticker security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

6.4CVSS6AI score0.00325EPSS
Exploits0References4
Exploit DB
Exploit DB
added 2024/06/14 12:0 a.m.344 views

XMB 1.9.12.06 - Stored XSS

Exploit Title: Persistent XSS in XMB 1.9.12.06 Date: 06/12/2024 Exploit Author: Chokri Hammedi Vendor Homepage: https://www.xmbforum2.com/ Software Link: https://www.xmbforum2.com/download/XMB-1.9.12.06.zip Version: 1.9.12.06 Tested on: Windows XP CVE: N/A Vulnerability Details A persistent store...

7.4AI score
Exploits0
OSV
OSV
added 2024/05/02 5:15 p.m.7 views

CVE-2024-3647

The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's post ticker widget in all versions up to, and including, 4.10.28 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

6.4CVSS5.9AI score0.00444EPSS
Exploits0References2
CVE
CVE
added 2024/05/02 4:51 p.m.52 views

CVE-2024-3021

The CVE-2024-3021 entry concerns the Mhr Post Ticker WordPress plugin. Reported vulnerability: Stored Cross-Site Scripting via the Header Title value in all versions up to and including 1.1, caused by insufficient input sanitization and output escaping. Impact is limited to multi-site WordPress i...

4.4CVSS5.7AI score0.00462EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/05/02 12:0 a.m.5 views

PT-2024-27016 · WordPress · Premium Addons For Elementor

Name of the Vulnerable Software and Affected Versions: Premium Addons for Elementor plugin for WordPress versions up to, and including, 4.10.28 Description: The issue is related to Stored Cross-Site Scripting via the plugin's post ticker widget due to insufficient input sanitization and output...

6.4CVSS5.9AI score0.00444EPSS
Exploits0References5
CNNVD
CNNVD
added 2024/05/02 12:0 a.m.3 views

WordPress plugin Mhr Post Ticker 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

4.4CVSS6.1AI score0.00462EPSS
Exploits0References4
Rows per page
Query Builder