CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5210 matches found

Prion•added 2021/09/09 7:15 p.m.•9 views

Cross site scripting

The User Activation Email WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the uae-key parameter found in the /user-activation-email.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.3.0...

4.3CVSS6.1AI score0.0021EPSS

Exploits1References2Affected Software1

Prion•added 2021/09/09 7:15 p.m.•7 views

Cross site scripting

The WP Academic People List WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the categoryname parameter in the /admin-panel.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 0.4.1...

4.3CVSS6.1AI score0.0021EPSS

Exploits1References2Affected Software1

NVD•added 2021/09/09 6:15 p.m.•10 views

CVE-2020-19265

A stored cross-site scripting XSS vulnerability in the index.php/Dswjcms/Basis/links component of Dswjcms 1.6.4 allows attackers to execute arbitrary web scripts or HTML...

6.1CVSS0.00305EPSS

Exploits1References1

Vulnrichment•added 2021/09/09 6:10 p.m.•5 views

CVE-2021-38323 RentPress <= 6.6.4 Reflected Cross-Site Scripting

The RentPress WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the selections parameter found in the /src/rentPress/AjaxRequests.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 6.6.4...

6.1CVSS6.1AI score0.0021EPSS

Exploits1References2

Vulnrichment•added 2021/09/09 6:10 p.m.•2 views

CVE-2021-38325 User Activation Email <= 1.3.0 Reflected Cross-Site Scripting

6.1CVSS6.1AI score0.0021EPSS

Exploits1References2

Vulnrichment•added 2021/09/09 6:10 p.m.•5 views

CVE-2021-38319 More From Google <= 0.0.2 Reflected Cross-Site Scripting

The More From Google WordPress plugin is vulnerable to Reflected Cross-Site Scripting due to a reflected $SERVER"PHPSELF" value in the /morefromgoogle.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 0.0.2...

6.1CVSS6AI score0.0021EPSS

Exploits1References2

Vulnrichment•added 2021/09/09 6:10 p.m.•4 views

CVE-2021-38321 Custom Menu Plugin <= 1.3.3 Reflected Cross-Site Scripting

The Custom Menu Plugin WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the selectedmenu parameter found in the /custom-menus.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.3.3...

6.1CVSS6.1AI score0.0021EPSS

Exploits1References2

Vulnrichment•added 2021/09/09 6:9 p.m.•3 views

CVE-2021-38316 WP Academic People List <= 0.4.1 Reflected Cross-Site Scripting

6.1CVSS6.1AI score0.0021EPSS

Exploits1References2

Cvelist•added 2021/09/09 6:9 p.m.•12 views

CVE-2021-38316 WP Academic People List <= 0.4.1 Reflected Cross-Site Scripting

6.1CVSS6.2AI score0.0021EPSS

Exploits1References2

Cvelist•added 2021/09/09 6:9 p.m.•12 views

CVE-2021-38322 Twitter Friends Widget <= 3.1 Reflected Cross-Site Scripting

The Twitter Friends Widget WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the pmcTFuser and pmcTFpassword parameter found in the /twitter-friends-widget.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 3.1...

6.1CVSS6.2AI score0.0021EPSS

Exploits1References2

WPVulnDB•added 2021/09/09 12:0 a.m.•11 views

Spideranalyse <= 0.0.1 - Reflected Cross-Site Scripting

The plugin is vulnerable to Reflected Cross-Site Scripting via the date parameter found in the /analyse/index.php file which allows attackers to inject arbitrary web scripts...

6.1CVSS4.9AI score0.0021EPSS

Exploits1References1Affected Software1

WPVulnDB•added 2021/09/09 12:0 a.m.•20 views

OSD Subscribe <= 1.2.3 - Reflected Cross-Site Scripting

The plugin is vulnerable to Reflected Cross-Site Scripting via the osdsubscribemessage parameter found in the /options/osdsubscribeoptionssubscribers.php file which allows attackers to inject arbitrary web scripts...

6.1CVSS4.6AI score0.0021EPSS

Exploits1References1Affected Software1

WPVulnDB•added 2021/09/09 12:0 a.m.•24 views

MoolaMojo <= 0.7.4.1 - Reflected Cross-Site Scripting

The plugin is vulnerable to Reflected Cross-Site Scripting via the classes parameter found in the /views/button-generator.html.php file which allows attackers to inject arbitrary web scripts...

6.1CVSS4.9AI score0.0021EPSS

Exploits0References1Affected Software1

WPVulnDB•added 2021/09/09 12:0 a.m.•32 views

3D Cover Carousel <= 1.0 - Reflected Cross-Site Scripting

Description The plugin is vulnerable to Reflected Cross-Site Scripting via the id parameter in the /cover-carousel.php file which allows attackers to inject arbitrary web scripts...

6.1CVSS6.1AI score0.0021EPSS

Exploits1References1

WPVulnDB•added 2021/09/09 12:0 a.m.•13 views

Custom Website Data <= 2.2 - Reflected Cross-Site Scripting

The plugin is vulnerable to Reflected Cross-Site Scripting via the id parameter found in the /views/edit.php file which allows attackers to inject arbitrary web scripts...

6.1CVSS4.7AI score0.0021EPSS

Exploits1References1Affected Software1

WPVulnDB•added 2021/09/09 12:0 a.m.•18 views

Bug Library < 2.0.4 - Reflected Cross-Site Scripting

The plugin is vulnerable to Reflected Cross-Site Scripting via the via the successimportcount parameter found in the /bug-library.php file which allows attackers to inject arbitrary web scripts...

6.1CVSS4.4AI score0.0021EPSS

Exploits1References1Affected Software1

WPVulnDB•added 2021/09/09 12:0 a.m.•18 views

Advance Search < 1.1.3 - Reflected Cross-Site Scripting

The plugin is vulnerable to Reflected Cross-Site Scripting via the wpasid parameter found in the /inc/admin/views/html-advance-search-admin-options.php file which allows attackers to inject arbitrary web scripts...

6.1CVSS4.6AI score0.0021EPSS

Exploits1References1Affected Software1

WPVulnDB•added 2021/09/09 12:0 a.m.•18 views

Simple Matted Thumbnails <= 1.01 - Reflected Cross-Site Scripting

The plugin is vulnerable to Reflected Cross-Site Scripting due to a reflected $SERVER"PHPSELF" value in the /simple-matted-thumbnail.php file which allows attackers to inject arbitrary web scripts...

6.1CVSS4AI score0.0021EPSS

Exploits1References1Affected Software1

WPVulnDB•added 2021/09/09 12:0 a.m.•17 views

Dropdown and scrollable Text <= 2.0 - Reflected Cross-Site Scripting

The plugin is vulnerable to Reflected Cross-Site Scripting via the content parameter found in the /index.php file which allows attackers to inject arbitrary web scripts...

6.1CVSS4.4AI score0.0021EPSS

Exploits1References1Affected Software1

WPVulnDB•added 2021/09/09 12:0 a.m.•20 views

Post Title Counter <= 1.1 - Reflected Cross-Site Scripting

The plugin is vulnerable to Reflected Cross-Site Scripting via the notice parameter found in the /post-title-counter.php file which allows attackers to inject arbitrary web scripts...

6.1CVSS4.7AI score0.0021EPSS

Exploits1References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by