Lucene search
+L

107 matches found

NVD
NVD
added 2024/03/19 2:15 p.m.18 views

CVE-2024-29134

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Themefic Tourfic tourfic.This issue affects Tourfic: from n/a through = 2.11.8...

6.5CVSS6.4AI score0.00343EPSS
Exploits0References2
CVE
CVE
added 2024/03/19 1:52 p.m.65 views

CVE-2024-29134

CVE-2024-29134 affects the Tourfic WordPress plugin (versions up to 2.11.8). It is a Stored XSS due to improper neutralization of input during web page generation. The issue is fixed in Tourfic 2.11.9; administrators should upgrade to the fixed version to mitigate the vulnerability. The connected...

6.5CVSS7.2AI score0.00343EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2024/03/19 1:52 p.m.30 views

CVE-2024-29134 WordPress Tourfic plugin <= 2.11.8 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Themefic Tourfic tourfic.This issue affects Tourfic: from n/a through = 2.11.8...

6.5CVSS6.6AI score0.00343EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/03/19 1:52 p.m.11 views

CVE-2024-29134 WordPress Tourfic plugin <= 2.11.8 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Themefic Tourfic tourfic.This issue affects Tourfic: from n/a through = 2.11.8...

6.5CVSS7.2AI score0.00343EPSS
Exploits0References1
CVE
CVE
added 2024/03/19 1:51 p.m.73 views

CVE-2024-29135

CVE-2024-29135 affects the Tourfic WordPress plugin (

9.9CVSS7.2AI score0.00669EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2024/03/19 1:51 p.m.19 views

CVE-2024-29135 WordPress Tourfic plugin <= 2.11.15 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in Themefic Tourfic tourfic.This issue affects Tourfic: from n/a through = 2.11.15...

9.9CVSS7.2AI score0.00669EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/03/19 1:51 p.m.30 views

CVE-2024-29135 WordPress Tourfic plugin <= 2.11.15 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in Themefic Tourfic tourfic.This issue affects Tourfic: from n/a through = 2.11.15...

9.9CVSS9.7AI score0.00669EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/03/19 1:48 p.m.20 views

CVE-2024-29136 WordPress Tourfic plugin <= 2.11.17 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in Themefic Tourfic tourfic.This issue affects Tourfic: from n/a through = 2.11.17...

8.5CVSS7.2AI score0.00632EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/03/19 1:48 p.m.26 views

CVE-2024-29136 WordPress Tourfic plugin <= 2.11.17 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in Themefic Tourfic tourfic.This issue affects Tourfic: from n/a through = 2.11.17...

8.5CVSS8.7AI score0.00632EPSS
Exploits0References1
CVE
CVE
added 2024/03/19 1:48 p.m.72 views

CVE-2024-29136

CVE-2024-29136 affects the Tourfic WordPress plugin from Themefic, vulnerable to PHP Object Injection via deserialization of untrusted data in all versions up to 2.11.17. The vulnerability requires at least Subscriber+ authentication and could enable attacker-controlled object injection. Public s...

8.8CVSS7.2AI score0.00632EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2024/03/19 1:44 p.m.82 views

CVE-2024-29137

The WordPress Tourfic plugin is affected up to version 2.11.7 with a Reflected XSS vulnerability in the place parameter due to insufficient input sanitization and output escaping. This can allow attackers to execute scripts in users’ browsers. Remediation: upgrade to Tourfic 2.11.8 or later. The ...

7.1CVSS7.2AI score0.00622EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2024/03/19 1:44 p.m.20 views

CVE-2024-29137 WordPress Tourfic plugin <= 2.11.7 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Themefic Tourfic tourfic.This issue affects Tourfic: from n/a through = 2.11.7...

7.1CVSS7.2AI score0.00622EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/03/19 1:44 p.m.23 views

CVE-2024-29137 WordPress Tourfic plugin <= 2.11.7 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Themefic Tourfic tourfic.This issue affects Tourfic: from n/a through = 2.11.7...

7.1CVSS7.1AI score0.00622EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/03/19 12:0 a.m.4 views

WordPress Plugin Tourfic Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

7.1CVSS5.9AI score0.00622EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/03/19 12:0 a.m.7 views

WordPress Plugin Tourfic Code Issue Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A code issue vulnerability exists in...

9.9CVSS7.1AI score0.00669EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/03/19 12:0 a.m.6 views

WordPress Plugin Tourfic Code Issue Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. WordPress Plugin Tourfic has a code issue...

8.8CVSS7.2AI score0.00632EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/03/19 12:0 a.m.11 views

PT-2024-22756

Name of the Vulnerable Software and Affected Versions Themefic Tourfic versions prior to 2.11.8 Description The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, allowing Reflected XSS. Recommendations For versions prior to 2.11.8...

7.1CVSS8.7AI score0.00622EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/03/19 12:0 a.m.6 views

WordPress Plugin Tourfic Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

6.5CVSS5.8AI score0.00343EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/03/19 12:0 a.m.8 views

PT-2024-22755 · Unknown · Themefic Tourfic

Name of the Vulnerable Software and Affected Versions: Themefic Tourfic versions n/a through 2.11.17 Description: The issue is related to Deserialization of Untrusted Data. This is a type of vulnerability where an application deserializes data from an untrusted source, potentially allowing an...

8.8CVSS9.5AI score0.00632EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/03/19 12:0 a.m.6 views

PT-2024-22753 · Unknown · Themefic Tourfic

Name of the Vulnerable Software and Affected Versions: Themefic Tourfic versions through 2.11.8 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as 'Cross-site Scripting', which allows Stored XSS. This means that an attacker can inject...

6.5CVSS9.2AI score0.00343EPSS
Exploits0References4
Rows per page
Query Builder