Lucene search
K

225 matches found

Positive Technologies
Positive Technologies
added 2024/08/06 12:0 a.m.9 views

PT-2024-37445 · Haloitsm · Haloitsm

Name of the Vulnerable Software and Affected Versions: HaloITSM versions up to 2.146.1 Description: The issue is a Stored Cross-Site Scripting XSS vulnerability, where injected JavaScript code can execute arbitrary actions on behalf of the user accessing a ticket. Recommendations: For HaloITSM...

8CVSS6.1AI score0.00355EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2024/07/22 12:0 a.m.5 views

PT-2024-27432 · Striking · Striking

Name of the Vulnerable Software and Affected Versions: Striking versions n/a through 2.3.4 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Reflected XSS. Recommendations: For versions n/a...

7.1CVSS6.8AI score0.00272EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2024/07/22 12:0 a.m.6 views

PT-2024-27427 · Vcita · Vcita Online Booking & Scheduling Calendar

Name of the Vulnerable Software and Affected Versions: vCita.Com Online Booking & Scheduling Calendar for WordPress by vcita versions n/a through 4.4.2 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This...

7.1CVSS6.8AI score0.00308EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/07/22 12:0 a.m.3 views

PT-2024-28200 · WordPress · Wp Media Sas Search & Replace

Name of the Vulnerable Software and Affected Versions: WP MEDIA SAS Search & Replace versions n/a through 3.2.2 Description: The issue is related to Deserialization of Untrusted Data, which affects the Search & Replace plugin. Recommendations: For versions n/a through 3.2.2, update to a version...

9.8CVSS6.8AI score0.00307EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2024/07/20 12:0 a.m.6 views

PT-2024-37717 · WordPress · Addonify – Quick View For Woocommerce

Name of the Vulnerable Software and Affected Versions: Addonify – Quick View For WooCommerce plugin for WordPress versions up to, and including, 1.2.16 Description: The issue is related to Full Path Disclosure, which occurs because the plugin utilizes mobiledetect without preventing direct access...

5.3CVSS6.7AI score0.00552EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2024/07/20 12:0 a.m.7 views

PT-2024-28131

Name of the Vulnerable Software and Affected Versions Sky Addons for Elementor versions 2.5.5 and earlier Description The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Stored XSS attacks. Recommendations Fo...

6.5CVSS5.4AI score0.0032EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/07/12 12:0 a.m.5 views

PT-2024-37740 · Blubrry · Powerpress Podcasting Plugin

Name of the Vulnerable Software and Affected Versions: PowerPress Podcasting plugin by Blubrry plugin for WordPress versions up to, and including, 11.9.10 Description: The issue is related to Reflected Cross-Site Scripting via the media url parameter due to insufficient input sanitization and...

6.4CVSS6.5AI score0.00387EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2024/07/12 12:0 a.m.5 views

PT-2024-28180 · Realtyna · Realtyna Organic Idx Plugin

Name of the Vulnerable Software and Affected Versions: Realtyna Organic IDX plugin versions n/a through 4.14.13 Description: The issue affects the Realtyna Organic IDX plugin, allowing for the unrestricted upload of files with dangerous types, which can lead to code injection. Recommendations: Fo...

9.1CVSS7.2AI score0.00489EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/07/06 12:0 a.m.7 views

PT-2024-27652 · Ultraaddons · Ultraaddons Elementor Lite

Name of the Vulnerable Software and Affected Versions: UltraAddons Elementor Lite versions through 1.1.6 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for potential exploitation. No information...

6.5CVSS6.6AI score0.00242EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2024/06/29 12:0 a.m.4 views

PT-2024-36969 · WordPress · Extensions For Elementor

Name of the Vulnerable Software and Affected Versions: Extensions for Elementor plugin for WordPress versions up to, and including, 2.0.30 Description: The issue is related to Stored Cross-Site Scripting via the url parameter within the EE Button widget due to insufficient input sanitization and...

6.4CVSS6.2AI score0.00372EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2024/06/19 12:0 a.m.6 views

PT-2024-13645 · Crocoblock · Crocoblock Jetelements For Elementor

Name of the Vulnerable Software and Affected Versions: Crocoblock JetElements For Elementor versions 2.6.13 and earlier Description: The issue is related to a Missing Authorization vulnerability. This means that there is a lack of proper authorization checks, potentially allowing unauthorized...

6.3CVSS9.3AI score0.00268EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/06/11 12:0 a.m.8 views

PT-2024-14453 · Woo · Woocommerce Product Vendors

Name of the Vulnerable Software and Affected Versions: WooCommerce Product Vendors versions through 2.2.2 Description: A Missing Authorization issue affects the Woo WooCommerce Product Vendors. Recommendations: For versions through 2.2.2, update to a version later than 2.2.2 to resolve the issue...

5.3CVSS9.6AI score0.00313EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/06/08 12:0 a.m.5 views

PT-2024-26705 · Unknown · Woody Ad Snippets

Name of the Vulnerable Software and Affected Versions: Woody ad snippets versions n/a through 2.4.10 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Stored XSS attacks. No information is...

5.9CVSS5.5AI score0.00274EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2024/06/08 12:0 a.m.4 views

PT-2024-26669 · Unknown · Magnigenie Restropress

Name of the Vulnerable Software and Affected Versions: MagniGenie RestroPress versions through 3.1.2.1 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS, which allows Stored XSS. This means that an attacker can...

6.5CVSS6AI score0.00276EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2024/06/08 12:0 a.m.8 views

PT-2024-26643 · WordPress · Fahad Mahmood Wp Docs

Name of the Vulnerable Software and Affected Versions: Fahad Mahmood WP Docs versions n/a through 2.1.3 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Stored XSS attacks. Recommendations: Fo...

6.5CVSS5.6AI score0.00277EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2024/06/08 12:0 a.m.10 views

PT-2024-26644 · WordPress · Fahad Mahmood Wp Docs

Name of the Vulnerable Software and Affected Versions: Fahad Mahmood WP Docs versions n/a through 2.1.3 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Reflected XSS. Recommendations: For...

7.1CVSS6.5AI score0.00327EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2024/06/06 12:0 a.m.9 views

PT-2024-28840 · WordPress · Post Blocks +5

Name of the Vulnerable Software and Affected Versions: Post Grid, Form Maker, Popup Maker, WooCommerce Blocks, Post Blocks, Post Carousel – Combo Blocks plugin for WordPress versions up to, and including, 2.2.80 Description: The issue is related to Stored Cross-Site Scripting via the class...

6.4CVSS5.9AI score0.00263EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2024/06/05 12:0 a.m.5 views

PT-2024-30607 · WordPress · Qi Addons For Elementor

Name of the Vulnerable Software and Affected Versions: Qi Addons For Elementor plugin for WordPress versions up to, and including, 1.7.2 Description: The issue is related to Stored Cross-Site Scripting via the plugin's button widgets due to insufficient input sanitization and output escaping on...

6.4CVSS5.9AI score0.00329EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added 2024/06/05 12:0 a.m.14 views

PT-2024-26109

Name of the Vulnerable Software and Affected Versions GP Premium plugin for WordPress versions up to, and including, 2.4.0 Description The issue is related to Reflected Cross-Site Scripting via the message parameter due to insufficient input sanitization and output escaping. This allows...

6.1CVSS6.1AI score0.00637EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2024/05/30 12:0 a.m.6 views

PT-2024-19471 · WordPress · Testimonial Carousel For Elementor

Name of the Vulnerable Software and Affected Versions: Testimonial Carousel For Elementor plugin for WordPress versions up to, and including, 10.2.1 Description: The issue arises from insufficient input sanitization and output escaping on user-supplied attributes in the plugin's carousel widgets,...

6.4CVSS7AI score0.00326EPSS
Exploits0References5
Rows per page
Query Builder