Lucene search
K

95 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2025-28172

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00216EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2024-35404

Malicious code in bioql PyPI...

5.9CVSS6.5AI score0.00259EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-56120

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00328EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:17 a.m.7 views

CVE-2023-51399

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPFactory Back Button Widget allows Stored XSS.This issue affects Back Button Widget: from n/a through 1.6.3...

6.5CVSS6.7AI score0.00328EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/21 3:14 p.m.10 views

CVE-2025-48252

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPFactory Back Button Widget back-button-widget allows Stored XSS.This issue affects Back Button Widget: from n/a through = 1.6.8...

6.5CVSS5.9AI score0.00216EPSS
Exploits0References1
NVD
NVD
added 2025/05/19 3:15 p.m.6 views

CVE-2025-48252

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPFactory Back Button Widget back-button-widget allows Stored XSS.This issue affects Back Button Widget: from n/a through = 1.6.8...

6.5CVSS0.00216EPSS
Exploits0References1
OSV
OSV
added 2025/05/19 3:15 p.m.3 views

CVE-2025-48252

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPFactory Back Button Widget allows Stored XSS. This issue affects Back Button Widget: from n/a through 1.6.8...

5.4CVSS5.8AI score
Exploits0References1
CVE
CVE
added 2025/05/19 2:44 p.m.27 views

CVE-2025-48252

CVE-2025-48252 corresponds to a stored Cross‑Site Scripting vulnerability in the WPFactory Back Button Widget, affecting versions up to 1.6.8. The issue stems from improper input neutralization during web page generation, enabling stored XSS attacks. Connected sources confirm the vulnerability an...

6.5CVSS5.9AI score0.00216EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2025/05/19 2:44 p.m.11 views

CVE-2025-48252 WordPress Back Button Widget plugin <= 1.6.8 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPFactory Back Button Widget back-button-widget allows Stored XSS.This issue affects Back Button Widget: from n/a through = 1.6.8...

6.5CVSS0.00216EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/05/19 2:44 p.m.5 views

CVE-2025-48252 WordPress Back Button Widget <= 1.6.8 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPFactory Back Button Widget allows Stored XSS. This issue affects Back Button Widget: from n/a through 1.6.8...

6.5CVSS6.4AI score0.00216EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/05/19 12:0 a.m.2 views

WordPress plugin Back Button Widget 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting...

6.5CVSS6.1AI score0.00216EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/05/19 12:0 a.m.4 views

PT-2025-21964 · Unknown · Back Button Widget

Name of the Vulnerable Software and Affected Versions: Back Button Widget versions 1.6.8 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means that an attacker can injec...

6.5CVSS6.2AI score0.00216EPSS
Exploits0References5
Hacker One
Hacker One
added 2025/03/27 8:49 a.m.8 views

Hiro: Logout Bypass Vulnerability in Hiro.so

Summary A logout bypass vulnerability has been identified on platform.hiro.so, allowing users to regain access to their session after logging out simply by pressing the back button on the browser. This issue arises due to improper session invalidation and potential caching misconfigurations. If...

6.5AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2025/01/17 12:0 a.m.6 views

The vulnerability of the Drupal CMS system’s Browser Back Button module, related to the lack of measures taken to protect the website structure, allows attackers to perform cross-site scripting attacks.

The vulnerability of the Drupal CMS system’s Browser Back Button feature is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotely...

5.5CVSS5.2AI score0.00247EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2025/01/09 9:15 p.m.11 views

CVE-2024-13308

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal Browser Back Button allows Cross-Site Scripting XSS.This issue affects Browser Back Button: from 1.0.0 before 2.0.2...

3.8CVSS0.00247EPSS
Exploits0References1
OSV
OSV
added 2025/01/09 9:15 p.m.2 views

CVE-2024-13308

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal Browser Back Button allows Cross-Site Scripting XSS.This issue affects Browser Back Button: from 1.0.0 before 2.0.2...

3.8CVSS5.8AI score
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/01/09 8:27 p.m.6 views

CVE-2024-13308 Browser Back Button - Moderately critical - Cross site scripting - SA-CONTRIB-2024-072

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal Browser Back Button allows Cross-Site Scripting XSS.This issue affects Browser Back Button: from 1.0.0 before 2.0.2...

4.2AI score0.00247EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/01/09 8:27 p.m.24 views

CVE-2024-13308 Browser Back Button - Moderately critical - Cross site scripting - SA-CONTRIB-2024-072

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal Browser Back Button allows Cross-Site Scripting XSS.This issue affects Browser Back Button: from 1.0.0 before 2.0.2...

0.00247EPSS
Exploits0References1
CVE
CVE
added 2025/01/09 8:27 p.m.55 views

CVE-2024-13308

CVE-2024-13308 affects the Drupal Browser Back Button module. The vulnerability is an improper neutralization of input during web page generation (XSS) in the module’s back-button block, stemming from insufficient escaping of administrator-entered text. Affected versions: 1.0.0–2.0.2. Impact desc...

3.8CVSS6.6AI score0.00247EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2024/12/11 7:44 a.m.5 views

DRUPAL-CONTRIB-2024-072

This module provides a block that renders a link providing the functionality of a browser's back button. The module does not sufficiently escape text entered by an administrator, resulting in a cross scripting vulnerability. This vulnerability is mitigated by the fact that an attacker must have a...

3.8CVSS6.4AI score0.00247EPSS
Exploits0References1
Rows per page
Query Builder