Lucene search
K

11 matches found

CNNVD
CNNVD
added 2025/12/09 12:0 a.m.3 views

WordPress plugin Simple Folio 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site...

4.3CVSS6.6AI score0.00107EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/08/15 12:0 a.m.9 views

PT-2025-33458 · WordPress · Elink – Embed Content

Name of the Vulnerable Software and Affected Versions: elink – Embed Content plugin for WordPress versions up to and including 1.1.0 Description: The elink – Embed Content plugin for WordPress is susceptible to malicious redirection due to insufficient restriction of URLs supplied through the eli...

6.4CVSS6.2AI score0.00228EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2025/02/25 12:0 a.m.8 views

PT-2025-7804 · Benner · Benner Modernanet

Name of the Vulnerable Software and Affected Versions: Benner ModernaNet versions 1.1.0 and earlier Description: A critical issue has been found in Benner ModernaNet, affecting an unknown part of the file...

9.8CVSS7.6AI score0.0059EPSS
Exploits1References8
Positive Technologies
Positive Technologies
added 2025/01/02 12:0 a.m.5 views

PT-2025-3227 · Unknown · Gs Coaches

Name of the Vulnerable Software and Affected Versions: GS Coaches versions 1.1.0 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting. This stored XSS vulnerability is present in GS Plugins GS Coaches,...

6.5CVSS8.9AI score0.0025EPSS
Exploits0References5
Patchstack
Patchstack
added 2024/11/25 12:0 a.m.9 views

WordPress Support SVG Plugin <= 1.1.0 is vulnerable to Cross Site Scripting (XSS)

Software Support SVG Type Plugin Vulnerable versions = 1.1.0 Fixed in 1.1.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-11091 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 7d70333b5396 Credits Francesco Carlucci Required...

6.4CVSS5.7AI score0.00391EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/06/27 12:0 a.m.12 views

WordPress PDF Viewer Plugin <= 1.1.0 is vulnerable to Cross Site Scripting (XSS)

Software PDF Viewer Type Plugin Vulnerable versions = 1.1.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-4367 Patch priority Low CVSS severity Low 4 Developer Claim ownership PSID d7d95e288520 Credits Yudistira Arya Required privilege Author Publish...

6.9AI score0.72648EPSS
Exploits15References1Affected Software1
Positive Technologies
Positive Technologies
added 2024/05/03 12:0 a.m.5 views

PT-2024-25549 · Macho Themes · Machothemes Cpo Companion

Name of the Vulnerable Software and Affected Versions: MachoThemes CPO Companion versions 1.1.0 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means that an attacker ca...

6.5CVSS5.6AI score0.00315EPSS
Exploits0References4
Patchstack
Patchstack
added 2023/09/14 12:0 a.m.21 views

WordPress Essential Blocks Pro Plugin <= 1.1.0 is vulnerable to PHP Object Injection

Software Essential Blocks Pro Type Plugin Vulnerable versions = 1.1.0 Fixed in 1.1.1 OWASP Top 10 A1: Injection Classification PHP Object Injection CVE CVE-2023-4386 Patch priority High CVSS severity High 8.3 Developer Claim ownership PSID b459be820fbe Credits Marco Wotschka Required privilege...

8.1CVSS7.2AI score0.00768EPSS
Exploits2References2Affected Software1
Patchstack
Patchstack
added 2023/07/18 12:0 a.m.9 views

WordPress 1 Click Close Store Plugin <= 1.1.0 is vulnerable to Cross Site Scripting (XSS)

Software 1 Click Close Store Type Plugin Vulnerable versions = 1.1.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 5d6ea0096ad8 Credits Rafie Muhammad Patchstack...

6.8AI score0.00284EPSS
Exploits0References3Affected Software1
vulnersOsv
vulnersOsv
added 2020/12/04 8:4 p.m.4 views

egg-html-purify (>=1.0.0 <=1.0.2), think-purify (>=1.0.0 <=1.1.4) potentially affected by unknown CVE via html-purify (=1.1.0)

html-purify NPM version =1.1.0 is affected by a known vulnerability. The following packages have a transitive dependency on html-purify and may be impacted: - egg-html-purify =1.0.0, =1.0.0, =1.1.4 Source cves: unknown CVE Source advisory: OSV:GHSA-5P28-63MC-CGR9...

5.8AI score
Exploits0
exploitpack
exploitpack
added 2011/08/28 12:0 a.m.18 views

Ferdows CMS Pro 1.1.0 - Multiple Vulnerabilities

Ferdows CMS Pro 1.1.0 - Multiple Vulnerabilities www.BugReport.ir AmnPardaz Security Research Team Title: Ferdows CMS Pro =1.1.0 Multiple Vulnerabilities Vendor: www.fcms.ir Exploit: Available Vulnerable Version: 1.1.0 Pro Impact: Medium Original Advisory: http://www.bugreport.ir/index77.htm Fix:...

0.3AI score
Exploits0
Rows per page
Query Builder