Lucene search
+L

130 matches found

Prion
Prion
added 2021/09/10 2:15 p.m.14 views

Cross site scripting

The Feedify – Web Push Notifications WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the feedifymsg parameter found in the /includes/base.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 2.1.8...

4.3CVSS6.1AI score0.00895EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2021/09/10 1:33 p.m.4 views

CVE-2021-38352 Feedify – Web Push Notifications <= 2.1.8 Reflected Cross-Site Scripting

The Feedify – Web Push Notifications WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the feedifymsg parameter found in the /includes/base.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 2.1.8...

6.1CVSS6.4AI score0.00895EPSS
Exploits1References2
CVE
CVE
added 2021/09/10 1:33 p.m.47 views

CVE-2021-38352

The CVE-2021-38352 entry concerns the WordPress plugin Feedify – Web Push Notifications . The vulnerability is a Reflected Cross-Site Scripting (XSS) flaw triggered via the feedify_msg parameter in the file includes/base.php , affecting versions up to and including 2.1.8 . Successful exploitation...

6.1CVSS6AI score0.00895EPSS
Exploits1References2Affected Software1
CNNVD
CNNVD
added 2021/09/10 12:0 a.m.7 views

WordPress 插件跨站脚本漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress Plugin is an open source application plugin for WordPress. A cross-site scripting vulnerability exists i...

6.1CVSS6.1AI score0.00895EPSS
Exploits1References4
Malwarebytes
Malwarebytes
added 2020/12/29 4:5 p.m.52 views

SearchDimension search hijackers: An overview of developments

Background information on SearchDimension SearchDimension is the name of a family of browser hijackers that makes money from ad clicks and search engine revenues. The family was named after the domain searchdimension.com that popped up in 2017, and they still sometimes use the letter combo SD in...

0.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2020/12/04 4:30 p.m.38 views

File-sharing and cloud storage sites: How safe are they?

There it is again—that annoying message that pops up when your email client informs you that a file is too big to attach. Those of us that are confronted with this problem on a regular basis—and those of us that want to attach files that could get picked up by anti-malware scanners along the...

7AI score
Exploits0
NVD
NVD
added 2019/08/30 2:15 p.m.17 views

CVE-2019-15827

The onesignal-free-web-push-notifications plugin before 1.17.8 for WordPress has XSS via the subdomain parameter...

5.4CVSS5.4AI score0.01063EPSS
Exploits2References3
CVE
CVE
added 2019/08/30 1:8 p.m.61 views

CVE-2019-15827

The CVE-2019-15827 entry affects the WordPress plugin onesignal-free-web-push-notifications, specifically versions before 1.17.8. The vulnerability is an XSS via the subdomain parameter (POST or input handling) that can lead to client-side script execution within the context of an affected site. ...

5.4CVSS5.3AI score0.01063EPSS
Exploits2References3Affected Software1
WPVulnDB
WPVulnDB
added 2019/07/18 12:0 a.m.20 views

OneSignal Web Push Notifications - Stored XSS

The OneSignal – Web Push Notifications WordPress plugin was affected by a Stored XSS security vulnerability...

3.5CVSS5.1AI score0.01063EPSS
Exploits2References2Affected Software1
0day.today
0day.today
added 2019/07/18 12:0 a.m.39 views

WordPress OneSignal 1.17.5 Plugin (subdomain) Persistent Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: WordPress Plugin OneSignal 1.17.5 - Persistent Cross-Site Scripting Date: 2019-07-18 Vendor Homepage: https://www.onesignal.com Software Link: https://wordpress.org/plugins/onesignal-free-web-push-notifications/ Affected version...

7.1AI score
Exploits0
Rows per page
Query Builder