Lucene search
+L

107 matches found

cnnvd
cnnvd
added 2023/01/16 12:0 a.m.5 views

WordPress plugin Carousel、Slider、Gallery 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

5.4CVSS5.4AI score0.00471EPSS
Exploits2References2
prion
prion
added 2023/01/09 11:15 p.m.22 views

Cross site scripting

The Table of Contents Plus WordPress plugin before 2212 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high...

4.9CVSS5.3AI score0.00575EPSS
Exploits2References1Affected Software1
cnnvd
cnnvd
added 2023/01/09 12:0 a.m.4 views

WordPress Plugin WP-Table Reloadedn 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

5.4CVSS5.4AI score0.00471EPSS
Exploits2References2
wpvulndb
wpvulndb
added 2022/12/28 12:0 a.m.21 views

WP Popups < 2.1.4.8 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. PoC Exploit:...

5.4CVSS1.4AI score0.00471EPSS
Exploits2Affected Software1
osv
osv
added 2022/12/19 2:15 p.m.6 views

CVE-2022-3987

The Responsive Lightbox2 WordPress plugin before 1.0.4 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks...

5.4CVSS5.8AI score0.00471EPSS
Exploits2References1
prion
prion
added 2021/06/09 5:15 a.m.26 views

Stack overflow

Possible stack out of bound write might happen due to time bitmap length and bit duration fields of the attributes like NAN ranging setup attribute inside a NAN management frame are not Properly validated in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer...

10CVSS9.3AI score0.00796EPSS
Exploits0References1
osv
osv
added 2017/10/10 8:29 p.m.6 views

CVE-2017-11062

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, currently attributes are not validated in wlanhddcfg80211doacs which can potentially lead to a buffer overread...

7.5CVSS6AI score0.00514EPSS
Exploits0References2
Rows per page
Query Builder