
7 matches found

OSV
added 2023/11/30 4:15 p.m. · 0 views

CVE-2023-39921

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Molongui Author Box, Guest Author and Co-Authors for Your Posts – Molongui allows Stored XSS. This issue affects Author Box, Guest Author and Co-Authors for Your Posts – Molongui: from n/a through...

4.8 CVSS · 7.3 AI score · 0.00135 EPSS
Exploits 0 · References 1

Positive Technologies
added 2023/11/30 12:0 a.m. · 2 views

PT-2023-27156 · Molongui · Molongui Author Box

Name of the Vulnerable Software and Affected Versions: Molongui Author Box, Guest Author and Co-Authors for Your Posts – Molongui versions through 4.6.19 Description: The issue is related to improper neutralization of input during web page generation, which allows for stored cross-site scripting...

5.9 CVSS · 5.8 AI score · 0.00135 EPSS
Exploits 0 · References 5

OSV
added 2023/09/04 10:15 a.m. · 1 views

CVE-2023-39164

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Molongui Author Box for Authors, Co-Authors, Multiple Authors and Guest Authors – Molongui plugin = 4.6.19 versions...

6.1 CVSS · 6.8 AI score
Exploits 0 · References 1

CNVD
added 2019/08/16 12:0 a.m. · 2 views

WordPress Tribulant Newsletters Plugin Path Traversal Vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. Tribulant Newsletters plugin is a full-featured newsletter plugin used in it. A path traversal vulnerability exists in the WordPress...

8.8 CVSS · 6.9 AI score · 0.01546 EPSS
Exploits 2 · References 1

Positive Technologies
added 2019/08/15 12:0 a.m. · 2 views

PT-2019-13833 · Tribulant · Tribulant Newsletters

Name of the Vulnerable Software and Affected Versions: Tribulant Newsletters plugin versions prior to 4.6.19 Description: The issue allows directory traversal with resultant remote PHP code execution. This is achieved via the subscribers11 parameter in conjunction with an exportfile=../ value in...

8.8 CVSS · 8.7 AI score · 0.01546 EPSS
Exploits 2 · References 6

Positive Technologies
added 2019/08/09 12:0 a.m. · 2 views

PT-2019-13832 · Tribulant · Tribulant Newsletters

Name of the Vulnerable Software and Affected Versions: Tribulant Newsletters plugin versions prior to 4.6.19 Description: The issue allows for XSS attacks via the "wp-admin/admin-ajax.php?action=newsletters load new editor" API endpoint, specifically through the contentarea parameter...

5.4 CVSS · 5.2 AI score · 0.002 EPSS
Exploits 2 · References 6

wpexploit
added 2019/07/01 12:0 a.m. · 26 views

Newsletter Lite < 4.6.19 - Multiple Issues

- Lack of CSRF, Authorisation and sanitisation checks in the ajaxloadneweditor function, registered as an AJAX method, can lead to an authenticated reflected XSS issue.
- Authenticated Directory Traversal leading to RCE XSS: As an authenticated user with a role as low as a Subscriber, open...

6.5 CVSS · 0.5 AI score · 0.01546 EPSS
Exploits 3