Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

OSV
OSVadded 2021/06/14 2:15 p.m.2 views

CVE-2021-24382

The Smart Slider 3 Free and pro WordPress plugins before 3.5.0.9 did not sanitise the Project Name before outputting it back in the page, leading to a Stored Cross-Site Scripting issue. By default, only administrator users could access the affected functionality, limiting the exploitability of th...

5.4CVSS6AI score0.00676EPSS
Exploits2References2
Patchstack
Patchstackadded 2021/06/07 12:0 a.m.66 views

WordPress Smart Slider 3 plugin <= 3.5.0.8 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Hardik Solanki in WordPress Smart Slider 3 plugin versions = 3.5.0.8. Solution Update the WordPress Smart Slider 3 plugin to the latest available version at least 3.5.0.9...

5.4CVSS1.2AI score0.00676EPSS
Exploits2References4Affected Software1
Metasploit
Metasploitadded 2009/11/14 10:26 p.m.17 views

AwingSoft Winds3D Player 3.5 SceneURL Download and Execute

This module exploits an untrusted program execution vulnerability within the Winds3D Player from AwingSoft. The Winds3D Player is a browser plugin for IE ActiveX, Opera DLL and Firefox XPI. By setting the 'SceneURL' parameter to the URL to an executable, an attacker can execute arbitrary code...

9.3CVSS10AI score0.24665EPSS
Exploits3
Rows per page
Query Builder