9 matches found
CVE-2019-17045
Ilch 2.1.22 allows stored XSS via the title, text, or email id to the Jobs Tab...
CVE-2025-45242
Rhymix v2.1.22 was discovered to contain an arbitrary file deletion vulnerability via the procFileAdminEditImage method in /file/file.admin.controller.php...
CVE-2025-31412
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Crocoblock JetProductGallery jet-woo-product-gallery allows DOM-Based XSS.This issue affects JetProductGallery: from n/a through = 2.1.22...
CVE-2025-31412 WordPress JetProductGallery plugin <= 2.1.22 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in NotFound JetProductGallery allows DOM-Based XSS. This issue affects JetProductGallery: from n/a through 2.1.22...
CVE-2025-31412 WordPress JetProductGallery plugin <= 2.1.22 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Crocoblock JetProductGallery jet-woo-product-gallery allows DOM-Based XSS.This issue affects JetProductGallery: from n/a through = 2.1.22...
WordPress plugin JetProductGallery 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A cross-site...
WordPress Author Avatars List/Block Plugin <= 2.1.21 is vulnerable to Cross Site Scripting (XSS)
Software Author Avatars List/Block Type Plugin Vulnerable versions = 2.1.21 Fixed in 2.1.22 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-47370 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 7fcface20444 Credits Hwang Se-yeon Requir...
PT-2022-24384 · Daikin · Daikin Svmpc1 +1
Name of the Vulnerable Software and Affected Versions: Daikin SVMPC1 versions 2.1.22 and prior Daikin SVMPC2 versions 1.2.3 and prior Description: The issue allows attackers with access to the local area network LAN to disclose sensitive information stored by the affected product without requirin...
Elite Bulletin Board 2.1.21 - Multiple SQL Injections
Advisory ID: HTB23133 Product: Elite Bulletin Board Vendor: elite-board.us Vulnerable Versions: 2.1.21 and probably prior Tested Version: 2.1.21 Vendor Notification: November 28, 2012 Vendor Patch: December 6, 2012 Public Disclosure: December 19, 2012 Vulnerability Type: SQL Injection CWE-89 CVE...