Lucene search
K

24 matches found

Patchstack
Patchstack
added 2026/05/01 9:31 a.m.7 views

WordPress Payment Gateway for ACBA BANK plugin <= 1.2.6 - Unauthenticated Reflected Cross-Site Scripting vulnerability

Unauthenticated Reflected Cross-Site Scripting vulnerability discovered by Asaf Mozes in WordPress Plugin Payment Gateway for ACBA BANK versions = 1.2.6...

6.1CVSS5.8AI score0.00276EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/01/07 12:0 a.m.4 views

PT-2026-1636

Name of the Vulnerable Software and Affected Versions Piraeus Bank WooCommerce Payment Gateway plugin for WordPress versions through 3.1.4 Description The Piraeus Bank WooCommerce Payment Gateway plugin for WordPress is susceptible to unauthorized modification of order statuses. This is a result ...

5.3CVSS6.4AI score0.0036EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/01/07 12:0 a.m.3 views

WordPress plugin Piraeus Bank WooCommerce Payment Gateway 安全漏洞

WordPress and WordPress plugin are products of the WordPress Foundation, a blogging platform developed in the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPre...

5.3CVSS6.6AI score0.0036EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2023-52388

Malicious code in bioql PyPI...

4.3CVSS9.1AI score0.00446EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2022-42735

Malicious code in bioql PyPI...

4.8CVSS5.2AI score0.00489EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:10 a.m.5 views

CVE-2023-28165

Missing Authorization vulnerability in Tech Banker Backup Bank: WordPress Backup Plugin allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Backup Bank: WordPress Backup Plugin: from n/a through 4.0.28...

4.3CVSS8AI score0.00371EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:10 p.m.8 views

CVE-2022-3350

The Contact Bank WordPress plugin through 3.0.30 does not sanitise and escape some of its Form settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

4.8CVSS5.6AI score0.00489EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:16 a.m.3 views

CVE-2014-3841

Cross-site scripting XSS vulnerability in the Contact Bank plugin before 2.0.20 for WordPress allows remote attackers to inject arbitrary web script or HTML via the Label field, related to form layout configuration. NOTE: some of these details are obtained from third party information...

4.3CVSS6AI score0.01948EPSS
Exploits0References1
NVD
NVD
added 2024/12/09 1:15 p.m.6 views

CVE-2023-48332

Missing Authorization vulnerability in Varun Sharma Mail Bank - 1 Mail SMTP Plugin for WordPress wp-mail-bank allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Mail Bank - 1 Mail SMTP Plugin for WordPress: from n/a through = 4.0.14...

4.3CVSS0.00446EPSS
Exploits0References1
CVE
CVE
added 2024/12/09 11:30 a.m.51 views

CVE-2023-48332

CVE-2023-48332 describes a Missing Authorization (Broken Access Control) vulnerability in the WordPress plugin “Mail Bank – #1 Mail SMTP Plugin for WordPress” (also referenced as wp-mail-bank). Affected versions are 4.0.14 and earlier. The issue arises from incorrectly configured access control s...

4.3CVSS7.3AI score0.00446EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/10/04 12:0 a.m.3 views

WordPress plugin Captcha Bank 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

6.1CVSS6.2AI score0.00291EPSS
Exploits0References3
OSV
OSV
added 2024/02/17 8:15 a.m.3 views

CVE-2024-0610

The Piraeus Bank WooCommerce Payment Gateway plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'MerchantReference' parameter in all versions up to, and including, 1.6.5.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on t...

9.8CVSS5.8AI score
Exploits0References2
OSV
OSV
added 2022/10/25 5:15 p.m.2 views

CVE-2022-3350

The Contact Bank WordPress plugin through 3.0.30 does not sanitise and escape some of its Form settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

4.8CVSS5.8AI score0.00489EPSS
Exploits2References1
CNNVD
CNNVD
added 2022/10/25 12:0 a.m.5 views

WordPress plugin Contact Bank 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

4.8CVSS5AI score0.00489EPSS
Exploits2References2
Patchstack
Patchstack
added 2022/06/09 12:0 a.m.14 views

WordPress Gallery Bank plugin <= 4.0.50 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability via Media Upload Module

Authenticated Stored Cross-Site Scripting XSS vulnerability via Media Upload Module discovered by Vishnupriya Ilango Fortinet FortiGuard Labs in WordPress Gallery Bank plugin versions = 4.0.50. Solution Deactivate and delete. This plugin has been closed as of December 9, 2021 and is not available...

2.1AI score
Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2017/12/15 12:0 a.m.50 views

Gallery Bank Plugin for WordPress < 2.0.20 XSS

According to its self-reported version, the Gallery Bank Plugin for WordPress running on the remote web server is prior to 2.0.20. It is, therefore, affected by multiple reflected cross-site scripting vulnerabilities. A remote attacker can exploit these issues, via a specially crafted request, to...

6AI score
Exploits0References4
Patchstack
Patchstack
added 2015/08/13 12:0 a.m.16 views

WordPress Contact Bank Plugin <= 2.0.225 - Cross Site Scripting

Because of this vulnerability, the attackers can inject arbitrary JavaScript or HTML code. Solution Upgrade the plugin...

2.5AI score
Exploits0References1Affected Software1
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.18 views

MyBB Bank- 3 Plugin - SQL Injection

No description provided by source. Exploit Title: Bank v3 MyBB plugin SQLi 0day Exploit Author: RedHat NullSec Software Link: http://mods.mybb.com/download/bank-v3 Tested on: Windows & Linux. Vulnerable code : ?php $user=$POST'rusername'; $pay=intval$POST'rpay'; $queryr=$db-querySELECT FROM...

7.1AI score
Exploits0
Prion
Prion
added 2014/05/22 3:13 p.m.12 views

Cross site scripting

Cross-site scripting XSS vulnerability in the Contact Bank plugin before 2.0.20 for WordPress allows remote attackers to inject arbitrary web script or HTML via the Label field, related to form layout configuration. NOTE: some of these details are obtained from third party information...

4.3CVSS6.3AI score0.01948EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2014/05/22 3:0 p.m.37 views

CVE-2014-3841

The CVE-2014-3841 issue affects the WordPress Contact Bank Plugin (pre-2.0.20). The vulnerability is a stored/reflected XSS via the Label field tied to the plugin’s form layout configuration, allowing remote attackers to inject arbitrary script/HTML. Root cause: improper handling of input in the ...

4.3CVSS6AI score0.01948EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder