Lucene search
K

35 matches found

Circl
Circl
added 2026/04/19 7:30 p.m.6 views

CVE-2026-32961

creationtimestamp| type| source ---|---|--- 2026-04-19 19:30:00+00:00| seen| https://jvn.jp/en/vu/JVNVU94271449 2026-04-21 10:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-26-111-10...

6.9CVSS6.5AI score0.00566EPSS
Exploits0References2
Circl
Circl
added 2025/04/19 4:59 a.m.6 views

CVE-2025-3103

creationtimestamp| type| source ---|---|--- 2025-04-19 04:59:57+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/12573 2025-04-19 07:08:46+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3ln5laf64bjo2 2025-04-19 07:30:23+00:00| seen|...

7.5CVSS7.3AI score0.00329EPSS
Exploits0References4
WPVulnDB
WPVulnDB
added 2024/04/05 12:0 a.m.19 views

Salon booking system < 9.6.6 - Editor+ Stored XSS

Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as Editor to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup PoC 1. Go to "Salon Services Add New...

5.5AI score0.00418EPSS
Exploits2Affected Software1
wpexploit
wpexploit
added 2024/04/05 12:0 a.m.132 views

Salon booking system < 9.6.6 - Editor+ Stored XSS

Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as Editor to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup 1. Go to "Salon Services Add New...

5.6AI score0.00418EPSS
Exploits2
wpexploit
wpexploit
added 2024/04/05 12:0 a.m.179 views

Salon booking system < 9.6.6 - Settings Update via CSRF

Description The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack Make an admin open a page containing the code: input type="submit" valu...

6.6AI score0.00247EPSS
Exploits2
wpexploit
wpexploit
added 2024/04/05 12:0 a.m.140 views

Bannerlid <= 1.1.0 - Reflected XSS

Description The plugin does not escape generated URLs before outputting them in attributes, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as administrators Have an admin open URLs: -...

8.7AI score0.00431EPSS
Exploits2
wpexploit
wpexploit
added 2024/04/05 12:0 a.m.136 views

ENL Newsletter <= 1.0.1 - Stored XSS via CSRF

Description The plugin does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack Make an admin open an HTML file containing: Name: alert1' / alert2' /...

5.9AI score0.00207EPSS
Exploits2
wpexploit
wpexploit
added 2024/04/05 12:0 a.m.174 views

Shortcodes Ultimate < 7.1.0 - Contributor+ Stored XSS

Description The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks As a contributor, put the...

5.9AI score0.00438EPSS
Exploits2References1
wpexploit
wpexploit
added 2024/04/05 12:0 a.m.258 views

Sassy Social Share < 3.3.61 - Contributor+ Stored XSS

Description The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks As a contributor, put the below...

5.9AI score0.0048EPSS
Exploits3References1
Openbugbounty
Openbugbounty
added 2023/04/19 8:55 p.m.8 views

spang-lichttechnik.de Cross Site Scripting vulnerability OBB-3268622

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

5.9AI score
Exploits0
Openbugbounty
Openbugbounty
added 2023/04/19 8:5 p.m.6 views

schulfreundfinder.de Cross Site Scripting vulnerability OBB-3268457

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

5.9AI score
Exploits0
Openbugbounty
Openbugbounty
added 2023/04/19 7:8 p.m.13 views

reitschule-sinka.de Cross Site Scripting vulnerability OBB-3268311

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

5.9AI score
Exploits0
Openbugbounty
Openbugbounty
added 2023/04/19 7:6 p.m.4 views

reiseleiter-ausbildung.de Cross Site Scripting vulnerability OBB-3268308

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

5.9AI score
Exploits0
Openbugbounty
Openbugbounty
added 2023/04/19 6:55 p.m.10 views

radsportverband-brandenburg.de Cross Site Scripting vulnerability OBB-3268280

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

5.9AI score
Exploits0
Openbugbounty
Openbugbounty
added 2023/04/19 6:34 p.m.7 views

prof-schnauffer.de Cross Site Scripting vulnerability OBB-3268228

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

5.9AI score
Exploits0
Openbugbounty
Openbugbounty
added 2023/04/19 4:58 p.m.15 views

laguna.sc.gov.br Cross Site Scripting vulnerability OBB-3268102

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

5.9AI score
Exploits0
Openbugbounty
Openbugbounty
added 2023/04/19 6:59 a.m.8 views

iis.edu.jo Cross Site Scripting vulnerability OBB-3267966

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

5.9AI score
Exploits0
Openbugbounty
Openbugbounty
added 2023/04/19 5:20 a.m.11 views

funnyinflorida.com Cross Site Scripting vulnerability OBB-3267892

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

5.9AI score
Exploits0
Openbugbounty
Openbugbounty
added 2023/04/19 3:22 a.m.6 views

nepalhandcreation.com Cross Site Scripting vulnerability OBB-3267638

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

5.9AI score
Exploits0
Patchstack
Patchstack
added 2023/04/19 12:0 a.m.15 views

WordPress Table & Contact Form 7 Database – Tablesome Plugin < 1.0.9 is vulnerable to Cross Site Scripting (XSS)

Software Table & Contact Form 7 Database – Tablesome Type Plugin Vulnerable versions 1.0.9 Fixed in 1.0.9 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-1890 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 33f0514f48a5...

6.1CVSS5.9AI score0.01067EPSS
Exploits3References5Affected Software1
Rows per page
Query Builder