CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

10 matches found

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2024-19847

Malicious code in bioql PyPI...

7.1CVSS6.9AI score0.00083EPSS

Exploits0References1

RedhatCVE•added 2025/02/04 11:41 p.m.•4 views

CVE-2024-22286

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Aluka BA Plus – Before & After Image Slider FREE allows Reflected XSS.This issue affects BA Plus – Before & After Image Slider FREE: from n/a through 1.0.3...

7.1CVSS7AI score0.00083EPSS

Exploits0References1

CNVD•added 2024/02/02 12:0 a.m.•20 views

WordPress Plugin BA Plus Cross-Site Scripting Vulnerability

WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in the WordPress plugin BA Plus, which stems from the application's lack of effective filtering and...

7.1CVSS6.3AI score0.00083EPSS

Exploits0References1

NVD•added 2024/01/31 6:15 p.m.•14 views

CVE-2024-22286

7.1CVSS6.9AI score0.00083EPSS

Exploits0References1

Prion•added 2024/01/31 6:15 p.m.•16 views

Cross site scripting

5.8CVSS7.1AI score0.00083EPSS

Exploits0References1Affected Software1

Cvelist•added 2024/01/31 5:52 p.m.•15 views

CVE-2024-22286 WordPress BA Plus Plugin <= 1.0.3 is vulnerable to Cross Site Scripting (XSS)

7.1CVSS7.2AI score0.00083EPSS

Exploits0References1

Vulnrichment•added 2024/01/31 5:52 p.m.•14 views

CVE-2024-22286 WordPress BA Plus Plugin <= 1.0.3 is vulnerable to Cross Site Scripting (XSS)

7.1CVSS6.8AI score0.00083EPSS

Exploits0References1

CVE•added 2024/01/31 5:52 p.m.•51 views

CVE-2024-22286

CVE-2024-22286 is a reflected XSS in WordPress plugin BA Plus – Before & After Image Slider FREE (versions up to 1.0.3). Root cause: improper input neutralization during web page generation. Affected: BA Plus plugin for WordPress. Impact: reflected cross-site scripting; exploitation status not de...

7.1CVSS7AI score0.00083EPSS

Exploits0References1Affected Software1

WPVulnDB•added 2024/01/19 12:0 a.m.•24 views

BA Plus <= 1.0.3 - Reflected Cross-Site Scripting

Description The BA Plus plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via an unknown parameter in versions up to, and including, 1.0.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web...

7.1CVSS6.2AI score0.00083EPSS

Exploits0References1

Patchstack•added 2024/01/16 12:0 a.m.•9 views

WordPress BA Plus Plugin <= 1.0.3 is vulnerable to Cross Site Scripting (XSS)

Software BA Plus Type Plugin Vulnerable versions = 1.0.3 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-22286 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 4a8287da299c Credits Dimas Maulana Required privilege...

7.1CVSS6.5AI score0.00083EPSS

Exploits0References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by