Lucene search
K

8 matches found

EUVD
EUVD
added 2026/03/11 12:31 p.m.6 views

EUVD-2026-11143

The Name Directory plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'namedirectoryname' parameter in all versions up to, and including, 1.32.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...

7.2CVSS5.9AI score0.00255EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/03/11 11:9 a.m.3 views

CVE-2026-3178

The Name Directory plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'namedirectoryname' parameter in all versions up to, and including, 1.32.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...

7.2CVSS5.9AI score0.00255EPSS
Exploits0References6
Patchstack
Patchstack
added 2026/02/10 9:10 a.m.6 views

WordPress Name Directory plugin <= 1.32.0 - Unauthenticated Stored Cross-Site Scripting via Double HTML-Entity Encoding in Submission Form vulnerability

Unauthenticated Stored Cross-Site Scripting via Double HTML-Entity Encoding in Submission Form vulnerability discovered by duy.thai in WordPress Plugin Name Directory versions = 1.32.0...

7.2CVSS5.4AI score0.00256EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/08/26 12:0 a.m.11 views

WordPress Name Directory Plugin <= 1.29.0 is vulnerable to Cross Site Scripting (XSS)

Software Name Directory Type Plugin Vulnerable versions = 1.29.0 Fixed in 1.29.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-43938 Patch priority Medium CVSS severity Medium 7.1 Developer Jeroen Peters PSID 00d0c2d9ba55 Credits LVT-tholv2k Required privilege...

6.5CVSS6.6AI score0.00247EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/01/23 12:0 a.m.17 views

WordPress Name Directory Plugin <= 1.27.1 is vulnerable to Cross Site Request Forgery (CSRF)

Software Name Directory Type Plugin Vulnerable versions = 1.27.1 Fixed in 1.27.2 OWASP Top 10 A6: Security Misconfiguration Classification Cross Site Request Forgery CSRF CVE CVE-2023-22692 Patch priority Low CVSS severity Low 4.3 Developer Jeroen Peters PSID 97cd32d13c24 Credits NeginNrb Require...

8.8CVSS6.7AI score0.00271EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2022/07/04 12:0 a.m.19 views

WordPress Name Directory plugin <= 1.25.3 - Stored Cross-Site Scripting (XSS) via Cross-Site Request Forgery (CSRF) vulnerability

Stored Cross-Site Scripting XSS via Cross-Site Request Forgery CSRF vulnerability discovered by Donato Di Pasquale in WordPress Name Directory plugin versions = 1.25.3. Solution Update the WordPress Name Directory plugin to the latest available version at least 1.25.4...

6.1CVSS3.3AI score0.00284EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
added 2022/07/04 12:0 a.m.23 views

WordPress Name Directory plugin <= 1.25.2 - Reflected Cross-Site Scripting (XSS) vulnerability

Reflected Cross-Site Scripting XSS vulnerability discovered by Donato Di Pasquale in WordPress Name Directory plugin versions = 1.25.2. Solution Update the WordPress Name Directory plugin to the latest available version at least 1.25.3...

6.1CVSS2.2AI score0.00569EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
added 2021/01/10 12:0 a.m.20 views

WordPress Name Directory plugin <= 1.17.4 - Cross-Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability found by Yuta in WordPress Name Directory plugin versions = 1.17.4. Solution Update the WordPress Name Directory plugin to the latest available version at least 1.18...

8.8CVSS4AI score0.0084EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder