Lucene search
+L

39 matches found

Cvelist
Cvelist
added 2025/10/11 9:28 a.m.13 views

CVE-2025-10375 Web Accessibility By accessiBe <= 2.10 - Cross-Site Request Forgery

The Web Accessibility By accessiBe plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.10. This is due to missing nonce validation on multiple AJAX actions including accessibesignup, accessibelogin, accessibelicensetrial, accessibemodifyconfig,...

4.3CVSS0.00151EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/10/11 12:0 a.m.7 views

WordPress plugin Web Accessibility By accessiBe 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. WordPress is a blogging platform developed using the PHP language, which provides the ability to host a personal blog site on a PHP and MySQL based...

4.3CVSS6.2AI score0.00151EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/10/11 12:0 a.m.9 views

PT-2025-41666

Name of the Vulnerable Software and Affected Versions Web Accessibility By accessiBe plugin for WordPress versions through 2.10 Description The Web Accessibility By accessiBe plugin for WordPress is susceptible to Cross-Site Request Forgery. This is caused by a lack of nonce validation on several...

4.3CVSS6.3AI score0.00151EPSS
Exploits0References8
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-23489

Malware in sbrugna...

7.5CVSS7.5AI score0.00527EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-5418

Malicious code in bioql PyPI...

7.1CVSS9.2AI score0.00276EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/27 2:28 p.m.8 views

CVE-2025-26981

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in accessiBe Web Accessibility By accessiBe accessibe allows Reflected XSS.This issue affects Web Accessibility By accessiBe: from n/a through = 2.5...

7.1CVSS7.2AI score0.00276EPSS
Exploits0References1
NVD
NVD
added 2025/02/25 3:15 p.m.5 views

CVE-2025-26981

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in accessiBe Web Accessibility By accessiBe accessibe allows Reflected XSS.This issue affects Web Accessibility By accessiBe: from n/a through = 2.5...

7.1CVSS0.00276EPSS
Exploits0References1
CVE
CVE
added 2025/02/25 2:17 p.m.50 views

CVE-2025-26981

CVE-2025-26981 is a reflected XSS vulnerability in Web Accessibility By accessiBe (

7.1CVSS7.2AI score0.00276EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/02/25 2:17 p.m.7 views

CVE-2025-26981 WordPress Web Accessibility By accessiBe plugin <= 2.5 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in accessiBe Web Accessibility By accessiBe accessibe allows Reflected XSS.This issue affects Web Accessibility By accessiBe: from n/a through = 2.5...

7.1CVSS7.2AI score0.00276EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/02/25 2:17 p.m.15 views

CVE-2025-26981 WordPress Web Accessibility By accessiBe plugin <= 2.5 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in accessiBe Web Accessibility By accessiBe accessibe allows Reflected XSS.This issue affects Web Accessibility By accessiBe: from n/a through = 2.5...

7.1CVSS0.00276EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/02/23 9:11 p.m.5 views

WordPress Web Accessibility By accessiBe plugin <= 2.5 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Dimas Maulana Patchstack Alliance in WordPress Plugin Web Accessibility By accessiBe versions = 2.5...

7.1CVSS6.1AI score0.00276EPSS
Exploits0Affected Software1
HackRead
HackRead
added 2025/02/12 7:48 p.m.6 views

accessiBe Review: A Step Forward to Digital Accessibility for All

Sponsored by accessiBe...

7.3AI score
Exploits0
Patchstack
Patchstack
added 2023/07/28 12:0 a.m.4 views

WordPress Web Accessibility By accessiBe Plugin <= 1.15 is vulnerable to Cross Site Scripting (XSS)

Software Web Accessibility By accessiBe Type Plugin Vulnerable versions = 1.15 Fixed in 1.16 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE N/A Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID c7254c9aee27 Credits WordFence Required...

6AI score
Exploits0References2Affected Software1
NVD
NVD
added 2022/10/11 6:15 p.m.24 views

CVE-2021-36913

Unauthenticated Options Change and Content Injection vulnerability in Qube One Redirection for Contact Form 7 plugin = 2.4.0 at WordPress allows attackers to change options and inject scripts into the footer HTML. Requires an additional extension plugin AccessiBe...

7.5CVSS0.00527EPSS
Exploits0References2
OSV
OSV
added 2022/10/11 6:15 p.m.4 views

CVE-2021-36913

Unauthenticated Options Change and Content Injection vulnerability in Qube One Redirection for Contact Form 7 plugin = 2.4.0 at WordPress allows attackers to change options and inject scripts into the footer HTML. Requires an additional extension plugin AccessiBe...

7.5CVSS5.8AI score0.00527EPSS
Exploits0References2
Prion
Prion
added 2022/10/11 6:15 p.m.12 views

Design/Logic Flaw

Unauthenticated Options Change and Content Injection vulnerability in Qube One Redirection for Contact Form 7 plugin = 2.4.0 at WordPress allows attackers to change options and inject scripts into the footer HTML. Requires an additional extension plugin AccessiBe...

5CVSS7.7AI score0.00527EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2022/10/11 5:4 p.m.64 views

CVE-2021-36913

The CVE-2021-36913 issue affects the WordPress plugin Redirection for Contact Form 7 (WPCF7-Redirect) up to version 2.4.0. The vulnerability allows unauthenticated attackers to change plugin options and inject scripts into the footer HTML when the AccessiBe extension is present. This is triggered...

7.5CVSS7.7AI score0.00527EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2022/10/11 5:4 p.m.23 views

CVE-2021-36913 Redirection for Contact Form 7 <= 2.4.0 - Unauthenticated Options Change and Content Injection vulnerability

Unauthenticated Options Change and Content Injection vulnerability in Qube One Redirection for Contact Form 7 plugin = 2.4.0 at WordPress allows attackers to change options and inject scripts into the footer HTML. Requires an additional extension plugin AccessiBe...

7.5CVSS7.9AI score0.00527EPSS
Exploits0References2
Patchstack
Patchstack
added 2022/09/29 12:0 a.m.24 views

WordPress Redirection for Contact Form 7 plugin <= 2.4.0 - Unauthenticated Options Change and Content Injection vulnerability

Unauthenticated Options Change vulnerability discovered by mirphak Patchstack Alliance in WordPress Redirection for Contact Form 7 plugin versions = 2.4.0. Successful exploitation requires an additional extension plugin AccessiBe. An attacker can inject a script into the footer. Solution Update t...

7.5CVSS3.1AI score0.00527EPSS
Exploits0Affected Software1
Rows per page
Query Builder