Lucene search
+L

229 matches found

Patchstack
Patchstack
added 2024/03/13 12:0 a.m.10 views

WordPress AntiSpam for Contact Form 7 Plugin <= 0.6.0 is vulnerable to Cross Site Scripting (XSS)

Software AntiSpam for Contact Form 7 Type Plugin Vulnerable versions = 0.6.0 Fixed in 0.6.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-27961 Patch priority Low CVSS severity Low 7.1 Developer Claim ownership PSID f9498b94e6d4 Credits stealthcopter Required...

7.1CVSS6.6AI score0.00334EPSS
Exploits0References2Affected Software1
WPVulnDB
WPVulnDB
added 2024/01/04 12:0 a.m.14 views

Spam protection, AntiSpam, FireWall by CleanTalk < 6.21 - Email Update via CSRF

Description The plugin does not have CSRF check in its apbctsettingsupdateaccountemail function, which could allow attackers to make logged in admins update email address via a CSRF attack...

8.8CVSS7AI score0.00241EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/01/04 12:0 a.m.12 views

Spam protection, AntiSpam, FireWall by CleanTalk < 6.21 - Counters Reset/Creation via CSRF

Description The plugin does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks, such as reset/create counters...

8.8CVSS7.1AI score0.00227EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2023/12/27 12:0 a.m.15 views

WordPress Spam protection, AntiSpam, FireWall by CleanTalk Plugin <= 6.20 is vulnerable to Cross Site Request Forgery (CSRF)

Software Spam protection, AntiSpam, FireWall by CleanTalk Type Plugin Vulnerable versions = 6.20 Fixed in 6.21 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-51535 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID...

8.8CVSS6.6AI score0.00227EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/12/27 12:0 a.m.14 views

WordPress Spam protection, AntiSpam, FireWall by CleanTalk Plugin <= 6.20 is vulnerable to Cross Site Request Forgery (CSRF)

Software Spam protection, AntiSpam, FireWall by CleanTalk Type Plugin Vulnerable versions = 6.20 Fixed in 6.21 OWASP Top 10 A5: Security Misconfiguration Classification Cross Site Request Forgery CSRF CVE CVE-2023-51696 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID...

8.8CVSS6.6AI score0.00241EPSS
Exploits0References2Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/07 12:0 a.m.21 views

Antispam Bee < 2.11.4 - IP Address Spoofing via get_client_ip

Description The Antispam Bee plugin for WordPress is vulnerable to IP Address Spoofing in all versions up to, and including, 2.11.3 due to use of user-supplied HTTP headers as a primary method for IP retrieval. This makes it possible for unauthenticated attackers to bypass country blocking...

6.5AI score0.00372EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2023/11/27 12:0 a.m.13 views

WordPress Antispam Bee Plugin <= 2.11.3 is vulnerable to Bypass Vulnerability

Software Antispam Bee Type Plugin Vulnerable versions = 2.11.3 Fixed in 2.11.4 OWASP Top 10 A6: Security Misconfiguration Classification Bypass Vulnerability CVE CVE-2023-41134 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 5abac73c1838 Credits Mika Required privilege...

5.3CVSS6.9AI score0.00372EPSS
Exploits0References2Affected Software1
vulnersOsv
vulnersOsv
added 2023/10/31 8:29 p.m.5 views

matrix-server-isenguard (>=0.1.1 <=0.2.0), matrix-synapse-testutils (>=1.65.0.0 <=1.95.0.0) +7 more potentially affected by CVE-2023-43796 via matrix-synapse (>=0.33.9 <=1.95.0)

matrix-synapse PYPI version =0.33.9, =0.1.1, =1.65.0.0, =0.1.2, =0.100.2, =0.1.0, =0.1.0, =0.8.0, =0.8.4 Source cves: CVE-2023-43796 Source advisory: OSV:GHSA-MP92-3JFM-3575...

5.3CVSS6.2AI score0.00897EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2023/10/10 6:15 p.m.6 views

matrix-server-isenguard (>=0.1.1 <=0.2.0), matrix-synapse-testutils (>=1.65.0.0 <=1.93.0.0) +7 more potentially affected by CVE-2023-45129 via matrix-synapse (>=0.33.9 <=1.93.0)

matrix-synapse PYPI version =0.33.9, =0.1.1, =1.65.0.0, =0.1.2, =0.100.2, =0.1.0, =0.1.0, =0.8.0, =0.8.4 Source cves: CVE-2023-45129 Source advisory: OSV:PYSEC-2023-199...

4.9CVSS5.5AI score0.01166EPSS
Exploits0
Patchstack
Patchstack
added 2023/06/22 12:0 a.m.15 views

WordPress Spam protection, AntiSpam, FireWall by CleanTalk Plugin <= 6.10 is vulnerable to Broken Access Control

Software Spam protection, AntiSpam, FireWall by CleanTalk Type Plugin Vulnerable versions = 6.10 Fixed in 6.11 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-33996 Patch priority High CVSS severity High 8.8 Developer Claim ownership PSID b4ca9dd06551...

6.3AI score0.00685EPSS
Exploits0References2Affected Software1
vulnersOsv
vulnersOsv
added 2023/05/26 2:15 p.m.3 views

matrix-server-isenguard (>=0.1.1 <=0.2.0), matrix-synapse-testutils (>=1.65.0.0 <=1.73.0.1) +7 more potentially affected by CVE-2023-32323 via matrix-synapse (>=0.33.9 <=1.73.0)

matrix-synapse PYPI version =0.33.9, =0.1.1, =1.65.0.0, =0.1.2, =0.100.2, =0.1.0, =0.1.0, =0.8.0, =0.8.4 Source cves: CVE-2023-32323 Source advisory: OSV:PYSEC-2023-67...

5CVSS6.1AI score0.00981EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2023/05/24 5:28 p.m.13 views

matrix-server-isenguard (>=0.1.1 <=0.2.0), matrix-synapse-testutils (>=1.65.0.0 <=1.73.0.1) +7 more potentially affected by CVE-2023-32323 via matrix-synapse (>=0.33.9 <=1.73.0)

matrix-synapse PYPI version =0.33.9, =0.1.1, =1.65.0.0, =0.1.2, =0.100.2, =0.1.0, =0.1.0, =0.8.0, =0.8.4 Source cves: CVE-2023-32323 Source advisory: OSV:GHSA-F3WC-3VXV-XMVR...

5CVSS6.1AI score0.00981EPSS
Exploits1
GithubExploit
GithubExploit
added 2023/03/22 11:0 a.m.509 views

Exploit for Improper Input Validation in Microsoft

CVE-2023-23397 This script allows to create TNEF-encoded Outl...

9.8CVSS10AI score0.97408EPSS
Exploits18
Prion
Prion
added 2022/10/25 5:15 p.m.18 views

Sql injection

The Spam protection, AntiSpam, FireWall by CleanTalk WordPress plugin before 5.185.1 does not validate ids before using them in a SQL statement, which could lead to SQL injection exploitable by high privilege users such as admin...

5.8CVSS7.1AI score0.01015EPSS
Exploits2References1Affected Software1
Github Security Blog
Github Security Blog
added 2022/05/02 3:14 a.m.23 views

MoinMoin Cross-site scripting (XSS) vulnerability in the antispam feature

Cross-site scripting XSS vulnerability in the antispam feature security/antispam.py in MoinMoin 1.7 and 1.8.1 allows remote attackers to inject arbitrary web script or HTML via crafted, disallowed content...

4.3CVSS6AI score0.02346EPSS
Exploits0References13Affected Software1
OSV
OSV
added 2022/05/02 3:14 a.m.6 views

GHSA-CX94-3H5X-CC57 MoinMoin Cross-site scripting (XSS) vulnerability in the antispam feature

Cross-site scripting XSS vulnerability in the antispam feature security/antispam.py in MoinMoin 1.7 and 1.8.1 allows remote attackers to inject arbitrary web script or HTML via crafted, disallowed content...

4.3CVSS5.4AI score0.02346EPSS
Exploits0References12
NVD
NVD
added 2022/04/19 9:15 p.m.28 views

CVE-2022-28221

The CleanTalk AntiSpam plugin = 5.173 for WordPress is vulnerable to Reflected Cross-Site Scripting XSS via the $REQUEST'page' parameter in/lib/Cleantalk/ApbctWP/FindSpam/ListTable/Comments.php...

6.1CVSS0.02303EPSS
Exploits2References1
NVD
NVD
added 2022/04/19 9:15 p.m.23 views

CVE-2022-28222

The CleanTalk AntiSpam plugin = 5.173 for WordPress is vulnerable to Reflected Cross-Site Scripting XSS via the $REQUEST'page' parameter in/lib/Cleantalk/ApbctWP/FindSpam/ListTable/Users.php...

6.1CVSS0.02886EPSS
Exploits3References1
Prion
Prion
added 2022/04/19 9:15 p.m.20 views

Cross site scripting

The CleanTalk AntiSpam plugin = 5.173 for WordPress is vulnerable to Reflected Cross-Site Scripting XSS via the $REQUEST'page' parameter in/lib/Cleantalk/ApbctWP/FindSpam/ListTable/Comments.php...

4.3CVSS6AI score0.02303EPSS
Exploits2References1Affected Software1
Prion
Prion
added 2022/04/19 9:15 p.m.24 views

Cross site scripting

The CleanTalk AntiSpam plugin = 5.173 for WordPress is vulnerable to Reflected Cross-Site Scripting XSS via the $REQUEST'page' parameter in/lib/Cleantalk/ApbctWP/FindSpam/ListTable/Users.php...

4.3CVSS6AI score0.02886EPSS
Exploits3References1Affected Software1
Rows per page
Query Builder