Lucene search
K

143 matches found

Patchstack
Patchstack
added 2024/06/27 12:0 a.m.21 views

WordPress ARI Fancy Lightbox Plugin <= 1.3.14 is vulnerable to Cross Site Scripting (XSS)

Software ARI Fancy Lightbox Type Plugin Vulnerable versions = 1.3.14 Fixed in 1.3.15 OWASP Top 10 A6: Vulnerable and Outdated Components Classification Cross Site Scripting XSS CVE CVE-2024-4367 Patch priority Low CVSS severity Low 4 Developer Claim ownership PSID c2fee65eb87c Credits Yudistira...

6.5AI score0.72648EPSS
Exploits15References2Affected Software1
NVD
NVD
added 2024/06/04 10:15 a.m.13 views

CVE-2023-47513

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in ARI Soft ARI Stream Quiz allows Code Injection.This issue affects ARI Stream Quiz: from n/a through 1.3.2...

5.4CVSS5.6AI score0.00357EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/06/04 9:46 a.m.9 views

CVE-2023-47513 WordPress ARI Stream Quiz – WordPress Quizzes Builder plugin <= 1.3.2 - Content Injection vulnerability

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in ARI Soft ARI Stream Quiz allows Code Injection.This issue affects ARI Stream Quiz: from n/a through 1.3.2...

5.4CVSS6.9AI score0.00357EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/06/04 9:46 a.m.42 views

CVE-2023-47513 WordPress ARI Stream Quiz – WordPress Quizzes Builder plugin <= 1.3.2 - Content Injection vulnerability

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in ARI Soft ARI Stream Quiz allows Code Injection.This issue affects ARI Stream Quiz: from n/a through 1.3.2...

5.4CVSS5.6AI score0.00357EPSS
Exploits0References1
CVE
CVE
added 2024/05/10 4:14 p.m.72 views

CVE-2023-26566

CVE-2023-26566 affects Sangoma FreePBX 1805–2203 on Linux, with hardcoded Asterisk REST Interface (ARI) credentials. This enables remote attackers to reconfigure Asterisk and place calls via ARI endpoints over HTTP and WebSocket. The connected sources note the issue and provide remediation guidan...

8.6CVSS7.1AI score0.00712EPSS
Exploits0References1
OSV
OSV
added 2024/03/16 2:15 a.m.5 views

CVE-2023-51487

Cross-Site Request Forgery CSRF vulnerability in ARI Soft ARI Stream Quiz.This issue affects ARI Stream Quiz: from n/a through 1.2.32...

8.8CVSS7.3AI score0.00221EPSS
Exploits0References1
NVD
NVD
added 2024/03/16 2:15 a.m.28 views

CVE-2023-51487

Cross-Site Request Forgery CSRF vulnerability in ARI Soft ARI Stream Quiz.This issue affects ARI Stream Quiz: from n/a through 1.2.32...

8.8CVSS5.5AI score0.00221EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/03/16 1:3 a.m.42 views

CVE-2023-51487 WordPress ARI Stream Quiz – WordPress Quizzes Builder plugin <= 1.2.32 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in ARI Soft ARI Stream Quiz.This issue affects ARI Stream Quiz: from n/a through 1.2.32...

5.4CVSS5.8AI score0.00221EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/03/16 1:3 a.m.11 views

CVE-2023-51487 WordPress ARI Stream Quiz – WordPress Quizzes Builder plugin <= 1.2.32 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in ARI Soft ARI Stream Quiz.This issue affects ARI Stream Quiz: from n/a through 1.2.32...

5.4CVSS7AI score0.00221EPSS
Exploits0References1
CVE
CVE
added 2024/03/16 1:3 a.m.69 views

CVE-2023-51487

CVE-2023-51487 is a CSRF vulnerability in the ARI Stream Quiz WordPress plugin, affecting ARI Stream Quiz versions up to 1.2.32. The connected documents confirm the issue exists and reference CSRF as the vulnerability type, but do not provide an explicit fixed version or patch details. Affected p...

8.8CVSS8.6AI score0.00221EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2024/03/16 12:0 a.m.6 views

WordPress Plugin ARI Stream Quiz Cross-Site Request Forgery Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

8.8CVSS6.7AI score0.00221EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/03/15 12:0 a.m.10 views

PT-2024-14146 · Unknown · Ari Stream Quiz

Name of the Vulnerable Software and Affected Versions: ARI Stream Quiz versions 1.2.32 and earlier Description: A Cross-Site Request Forgery CSRF issue has been identified. This type of issue occurs when an application does not properly validate requests, allowing an attacker to trick a user into...

8.8CVSS9.6AI score0.00221EPSS
Exploits0References6
Prion
Prion
added 2024/02/12 9:15 a.m.17 views

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in ARI Soft Contact Form 7 Connector.This issue affects Contact Form 7 Connector: from n/a through 1.2.2...

4.3CVSS7.2AI score0.00214EPSS
Exploits0References1
CVE
CVE
added 2024/02/12 8:46 a.m.60 views

CVE-2024-24884

Summary: CVE-2024-24884 is a CSRF vulnerability in the ARI Soft Contact Form 7 Connector plugin for WordPress. The issue affects versions up to and including 1.2.2 and can be triggered without authentication, enabling an attacker to induce state-changing actions in a user’s session. The patchstac...

8.8CVSS6.3AI score0.00214EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2024/02/12 12:0 a.m.5 views

PT-2024-20640 · Unknown · Ari Soft Contact Form 7 Connector

Name of the Vulnerable Software and Affected Versions: ARI Soft Contact Form 7 Connector versions 1.2.2 and earlier Description: A Cross-Site Request Forgery CSRF issue affects the ARI Soft Contact Form 7 Connector. This type of issue allows an attacker to trick a user into performing unintended...

8.8CVSS9.3AI score0.00214EPSS
Exploits0References6
WPVulnDB
WPVulnDB
added 2024/01/24 12:0 a.m.8 views

ARI Stream Quiz < 1.3.0 - Cross-Site Request Forgery

Description The plugin does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks...

7.1AI score
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/01/05 12:0 a.m.18 views

ARI Stream Quiz < 1.3.0 - Cross-Site Request Forgery

Description The ARI Stream Quiz plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.2.32. This is due to missing or incorrect nonce validation. This makes it possible for unauthenticated attackers to perform unauthorized actions against classes and...

8.8CVSS6.7AI score0.00221EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2023/12/31 10:15 a.m.6 views

CVE-2023-52182

Deserialization of Untrusted Data vulnerability in ARI Soft ARI Stream Quiz – WordPress Quizzes Builder.This issue affects ARI Stream Quiz – WordPress Quizzes Builder: from n/a through 1.3.0...

8.8CVSS7.3AI score0.00627EPSS
Exploits0References1
NVD
NVD
added 2023/12/31 10:15 a.m.16 views

CVE-2023-52182

Deserialization of Untrusted Data vulnerability in ARI Soft ARI Stream Quiz – WordPress Quizzes Builder.This issue affects ARI Stream Quiz – WordPress Quizzes Builder: from n/a through 1.3.0...

9.9CVSS0.00627EPSS
Exploits0References1
Prion
Prion
added 2023/12/31 10:15 a.m.30 views

Deserialization of untrusted data

Deserialization of Untrusted Data vulnerability in ARI Soft ARI Stream Quiz – WordPress Quizzes Builder.This issue affects ARI Stream Quiz – WordPress Quizzes Builder: from n/a through 1.3.0...

6.5CVSS7.2AI score0.00627EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder