Lucene search
K

107 matches found

CNNVD
CNNVD
added 2023/03/06 12:0 a.m.6 views

WordPress plugin eVision Responsive Column Layout Shortcodes 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...

5.4CVSS5.4AI score0.00471EPSS
Exploits2References2
CNNVD
CNNVD
added 2023/03/06 12:0 a.m.4 views

WordPress plugin Synved Shortcodes 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

5.4CVSS5.4AI score0.00471EPSS
Exploits1References2
OSV
OSV
added 2023/02/27 4:15 p.m.2 views

CVE-2023-0168

The Olevmedia Shortcodes WordPress plugin through 1.1.9 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

5.4CVSS6.1AI score0.0049EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2023/02/27 3:24 p.m.8 views

CVE-2023-0539 GS Insever Portfolio < 1.4.5 - Contributor+ Stored XSS

The GS Insever Portfolio WordPress plugin before 1.4.5 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

5.5AI score0.00528EPSS
Exploits2References1
CNNVD
CNNVD
added 2023/02/27 12:0 a.m.6 views

WordPress plugin Wufoo Shortcode 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

5.4CVSS6.5AI score0.00528EPSS
Exploits1References2
CNNVD
CNNVD
added 2023/02/27 12:0 a.m.19 views

WordPress Plugin GigPress SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection vulnerability exists i...

8.8CVSS8.2AI score0.01301EPSS
Exploits2References2
OSV
OSV
added 2023/02/21 9:15 a.m.4 views

CVE-2023-0271

The WP Font Awesome WordPress plugin before 1.7.9 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embedded, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

5.4CVSS6.1AI score0.00471EPSS
Exploits2References1
CNNVD
CNNVD
added 2023/02/21 12:0 a.m.6 views

WordPress plugin Youzify 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...

5.4CVSS5.4AI score0.00471EPSS
Exploits1References2
CNNVD
CNNVD
added 2023/02/21 12:0 a.m.18 views

WordPress Plugin Hueman Addons 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

5.4CVSS5.4AI score0.00471EPSS
Exploits2References2
Positive Technologies
Positive Technologies
added 2023/02/21 12:0 a.m.4 views

PT-2023-16129 · WordPress · Wp Font Awesome

Name of the Vulnerable Software and Affected Versions: WP Font Awesome WordPress plugin versions prior to 1.7.9 Description: The issue arises from the plugin's failure to validate and escape certain shortcode attributes before outputting them in a page or post, potentially allowing users with the...

5.4CVSS5.3AI score0.00471EPSS
Exploits2References5
CNNVD
CNNVD
added 2023/02/21 12:0 a.m.4 views

WordPress Plugin Bootstrap Shortcodes 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

5.4CVSS5.4AI score0.00471EPSS
Exploits2References2
CNNVD
CNNVD
added 2023/02/21 12:0 a.m.6 views

WordPress Plugin Easy Social Box 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

5.4CVSS5.4AI score0.00471EPSS
Exploits2References2
CNNVD
CNNVD
added 2023/02/21 12:0 a.m.5 views

WordPress Plugin Simple File Downloader 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

6.8CVSS5.4AI score0.00627EPSS
Exploits2References3
Vulnrichment
Vulnrichment
added 2023/02/13 2:32 p.m.6 views

CVE-2023-0075 Amazon JS <= 0.10 - Contributor+ Stored XSS

The Amazon JS WordPress plugin through 0.10 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

5.5AI score0.00635EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2023/02/13 2:32 p.m.5 views

CVE-2022-4783 Youtube Channel Gallery <= 2.4 - Contributor+ Stored XSS via Shortcode

The Youtube Channel Gallery WordPress plugin through 2.4 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attack...

5.9AI score0.0047EPSS
Exploits1References1
CNNVD
CNNVD
added 2023/02/13 12:0 a.m.6 views

WordPress plugin Spotlight Social Feeds 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A cross-site scripting vulnerability exists in the...

5.4CVSS6.5AI score0.00526EPSS
Exploits2References2
CNNVD
CNNVD
added 2023/02/13 12:0 a.m.7 views

WordPress plugin YARPP 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

6.8CVSS5.4AI score0.00707EPSS
Exploits2References2
CNNVD
CNNVD
added 2023/02/13 12:0 a.m.6 views

WordPress plugin Lightweight Accordion 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A cross-site scripting vulnerability exists in the...

5.4CVSS5.4AI score0.00562EPSS
Exploits2References2
CNNVD
CNNVD
added 2023/02/13 12:0 a.m.5 views

WordPress plugin Widget Shortcode 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A cross-site scripting vulnerability exists in WordPress...

5.4CVSS5.4AI score0.0054EPSS
Exploits2References2
CNNVD
CNNVD
added 2023/02/13 12:0 a.m.5 views

WordPress plugin Meks Flexible Shortcodes 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

5.4CVSS5.4AI score0.0054EPSS
Exploits2References2
Rows per page
Query Builder