Lucene search
K

280 matches found

Vulnrichment
Vulnrichment
added 2023/06/22 12:12 p.m.9 views

CVE-2023-33323 WordPress ARMember Plugin <= 4.0.2 is vulnerable to Cross Site Scripting (XSS)

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Repute InfoSystems ARMember plugin = 4.0.2 versions...

5.9CVSS5.6AI score0.00369EPSS
Exploits0References1
CVE
CVE
added 2023/06/22 12:12 p.m.43 views

CVE-2023-33323

CVE-2023-33323 describes a Stored XSS in Repute InfoSystems ARMember plugin for WordPress, affecting versions

5.9CVSS5.1AI score0.00369EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/06/22 12:12 p.m.27 views

CVE-2023-33323 WordPress ARMember Plugin <= 4.0.2 is vulnerable to Cross Site Scripting (XSS)

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Repute InfoSystems ARMember plugin = 4.0.2 versions...

5.9CVSS5.5AI score0.00369EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/06/22 12:0 a.m.5 views

WordPress Plugin ARMember 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

5.9CVSS6.2AI score0.00369EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/06/22 12:0 a.m.4 views

PT-2023-24293 · Repute Infosystems · Armember

Name of the Vulnerable Software and Affected Versions: Repute InfoSystems ARMember plugin versions prior to 4.0.3 Description: The issue is related to a Stored Cross-Site Scripting XSS vulnerability that requires authentication with admin+ privileges. Recommendations: For versions prior to 4.0.3,...

5.9CVSS5.3AI score0.00369EPSS
Exploits0References3
WPVulnDB
WPVulnDB
added 2023/06/13 12:0 a.m.14 views

ARMember < 4.0.3 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS5.7AI score0.00369EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2023/06/13 12:0 a.m.15 views

WordPress ARMember Plugin <= 4.0.2 is vulnerable to Cross Site Scripting (XSS)

Software ARMember Type Plugin Vulnerable versions = 4.0.2 Fixed in 4.0.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-33323 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 8e26660f77e8 Credits emad Required privilege...

5.9CVSS5.7AI score0.00369EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2023/06/12 1:15 p.m.18 views

CVE-2022-47140

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Repute InfoSystems ARMember plugin = 4.0.1 versions...

7.1CVSS6.2AI score0.00382EPSS
Exploits0References1
OSV
OSV
added 2023/06/12 1:15 p.m.3 views

CVE-2022-47140

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Repute InfoSystems ARMember plugin = 4.0.1 versions...

6.1CVSS5.8AI score0.00382EPSS
Exploits0References1
Prion
Prion
added 2023/06/12 1:15 p.m.14 views

Cross site scripting

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Repute InfoSystems ARMember plugin = 4.0.1 versions...

5.8CVSS6AI score0.00382EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/06/12 12:52 p.m.41 views

CVE-2022-47140

CVE-2022-47140: Unauthenticated reflected XSS in Repute InfoSystems ARMember WordPress plugin prior to 4.0.1. Affected software: ARMember plugin for WordPress (versions

7.1CVSS6AI score0.00382EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/06/12 12:52 p.m.13 views

CVE-2022-47140 WordPress ARMember Plugin <= 4.0.1 is vulnerable to Cross Site Scripting (XSS)

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Repute InfoSystems ARMember plugin = 4.0.1 versions...

7.1CVSS5.8AI score0.00382EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/06/12 12:0 a.m.4 views

PT-2023-15186 · Repute Infosystems · Armember

Name of the Vulnerable Software and Affected Versions: Repute InfoSystems ARMember plugin versions prior to 4.0.1 Description: The issue is related to an Unauth. Reflected Cross-Site Scripting XSS vulnerability. This means that an attacker can inject malicious scripts into a website, potentially...

7.1CVSS6.3AI score0.00382EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/06/12 12:0 a.m.4 views

WordPress Plugin ARMember 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

7.1CVSS6.8AI score0.00382EPSS
Exploits0References2
Patchstack
Patchstack
added 2023/04/19 12:0 a.m.8 views

WordPress ARMember Plugin <= 4.0.1 is vulnerable to Cross Site Scripting (XSS)

Software ARMember Type Plugin Vulnerable versions = 4.0.1 Fixed in 4.0.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2022-47140 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 04bcef5f802c Credits Team WeBoB Required...

7.1CVSS5.9AI score0.00382EPSS
Exploits0References2Affected Software1
WPVulnDB
WPVulnDB
added 2023/04/19 12:0 a.m.14 views

ARMember < 4.0.2 - Reflected XSS

The plugin does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

7.1CVSS10AI score0.00382EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2023/03/27 12:0 a.m.16 views

WordPress ARMember Plugin <= 3.4.11 is vulnerable to SQL Injection

Software ARMember Type Plugin Vulnerable versions = 3.4.11 Fixed in 4.0 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2022-46808 Patch priority High CVSS severity High 8.2 Developer Claim ownership PSID 69cdf488ab0c Credits Le Ngoc Anh Required privilege Unauthenticated Publishe...

9.8CVSS6.8AI score0.00639EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2023/03/21 12:0 a.m.6 views

PT-2023-27174 · WordPress +1 · Armember Lite +1

Name of the Vulnerable Software and Affected Versions: The ARMember Lite - Membership Plugin for WordPress versions up to, and including, 4.0.14 Description: The issue is related to Stored Cross-Site Scripting via admin settings due to insufficient input sanitization and output escaping. This...

4.8CVSS4.8AI score0.00456EPSS
Exploits0References10
Patchstack
Patchstack
added 2023/01/20 12:0 a.m.12 views

WordPress ARMember Plugin <= 3.4.10 is vulnerable to Broken Access Control

Software ARMember Type Plugin Vulnerable versions = 3.4.10 Fixed in 3.4.11 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2022-47425 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID fbb3fb63c003 Credits Cat Required privilege Subscriber...

6.9AI score0.00255EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2022/12/06 9:15 p.m.2 views

CVE-2022-42888

Unauth. Privilege Escalation vulnerability in ARMember premium plugin = 5.5.1 on WordPress...

8.8CVSS5.8AI score0.00689EPSS
Exploits0References1
Rows per page
Query Builder