Lucene search
K

5 matches found

Patchstack
Patchstack
added 2026/01/05 10:10 p.m.7 views

WordPress Phlox plugin <= 2.17.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via `data-caption` HTML Attribute vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via data-caption HTML Attribute vulnerability discovered by Webbernaut in WordPress Theme Phlox versions = 2.17.7...

6.4CVSS5.7AI score0.00156EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2025/02/03 2:23 p.m.21 views

CVE-2024-50500 WordPress Phlox Core Elements plugin <= 2.17.4 - Broken Access Control vulnerability

Missing Authorization vulnerability in averta Shortcodes and extra features for Phlox theme auxin-elements allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Shortcodes and extra features for Phlox theme: from n/a through = 2.17.4...

4.3CVSS0.00412EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/07/16 12:0 a.m.17 views

WordPress Phlox Portfolio Plugin <= 2.3.2 is vulnerable to Cross Site Scripting (XSS)

Software Phlox Portfolio Type Plugin Vulnerable versions = 2.3.2 Fixed in 2.3.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-3587 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 2481f1e17cc6 Credits wesley wcraft Required...

6.4CVSS5.8AI score0.00377EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2024/05/02 12:0 a.m.10 views

PT-2024-26351 · WordPress · Phlox

Name of the Vulnerable Software and Affected Versions: Shortcodes and extra features for Phlox theme plugin for WordPress versions up to, and including, 2.15.5 Description: The issue is related to Stored Cross-Site Scripting via the Accordion Widget due to insufficient input sanitization and outp...

6.4CVSS5.7AI score0.00531EPSS
Exploits0References6
CNNVD
CNNVD
added 2022/12/12 12:0 a.m.3 views

WordPress plugin Phlox 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code issue vulnerability...

8.8CVSS8AI score0.00742EPSS
Exploits0References2
Rows per page
Query Builder