Lucene search
K

7 matches found

Positive Technologies
Positive Technologies
added 2026/03/21 12:0 a.m.14 views

PT-2026-26821

The Outgrow plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'id' attribute of the 'outgrow' shortcode in all versions up to, and including, 2.1. This is due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

6.4CVSS6AI score0.00243EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/03/03 12:0 a.m.4 views

WordPress plugin SW Plus 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site...

7.1CVSS5.9AI score0.00363EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/10/19 12:0 a.m.4 views

WordPress plugin Team Showcase cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

6.4CVSS6.6AI score0.00446EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2019/10/23 12:0 a.m.6 views

PT-2019-7464 · Sandhills Development · Easy Digital Downloads

Name of the Vulnerable Software and Affected Versions: Easy Digital Downloads EDD core component versions 1.8.x through 1.8.6 Easy Digital Downloads EDD core component versions 1.9.x through 1.9.9 Easy Digital Downloads EDD core component versions 2.0.x through 2.0.4 Easy Digital Downloads EDD co...

6.1CVSS6.1AI score0.00923EPSS
Exploits0References5
CNVD
CNVD
added 2019/08/06 12:0 a.m.4 views

Magento Cross-Site Request Forgery Vulnerability (CNVD-2019-25993)

Magento is an open source PHP e-commerce system of the United States Magento company . The system provides rights management , search engines and payment gateways and other functions. A cross-site request forgery vulnerability exists in Magento versions 2.1.18 before 2.1, 2.2.9 before 2.2.2 and...

4.3CVSS6.9AI score0.00378EPSS
Exploits0References1
CNVD
CNVD
added 2019/08/06 12:0 a.m.3 views

Magento Information Disclosure Vulnerability (CNVD-2019-26252)

Magento is an open source PHP e-commerce system of the United States Magento company . The system provides rights management , search engines and payment gateways and other functions. An information disclosure vulnerability exists in Magento version 2.1 before 2.1.18, version 2.2 before 2.2.9, an...

7.5CVSS6.2AI score0.01143EPSS
Exploits0References1
CNVD
CNVD
added 2019/07/12 12:0 a.m.4 views

Patchwork Cross-Site Scripting Vulnerability

Patchwork is a Web-based patch tracking management system. A cross-site scripting vulnerability exists in the template tag in Patchwork versions v1.1 through v2.1.x. The vulnerability stems from the lack of proper validation of client-side data in the WEB application, and can be exploited by an...

6.1CVSS6.4AI score0.01338EPSS
Exploits0References1
Rows per page
Query Builder