Lucene search
K

98 matches found

CNNVD
CNNVD
added 2025/03/24 12:0 a.m.5 views

WordPress plugin Top Bar 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation, a blogging platform developed in PHP. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPress plugin Top Bar 3.3 and...

5.3CVSS8.2AI score0.00421EPSS
Exploits0References2
Patchstack
Patchstack
added 2025/03/21 8:55 p.m.5 views

WordPress Easy Custom Admin Bar plugin <= 1.0 - Reflected Cross-Site Scripting via msg Parameter vulnerability

Reflected Cross-Site Scripting via msg Parameter vulnerability discovered by johska in WordPress Plugin Easy Custom Admin Bar versions = 1.0...

6.1CVSS7.9AI score0.00294EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/03/20 10:32 a.m.7 views

WordPress Theme Demo Bar Plugin <= 1.6.3 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin Theme Demo Bar versions = 1.6.3...

7.1CVSS7.6AI score0.00342EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2025/02/22 9:31 a.m.9 views

CVE-2024-13849

The Cookie Notice Bar plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 1.3.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level access, to inject arbitrary...

5.5CVSS5.7AI score0.00284EPSS
Exploits0References1
OSV
OSV
added 2025/02/20 9:21 a.m.8 views

CVE-2024-13849 Cookie Notice Bar <= 1.3.0 - Authenticated (Administrator+) Stored Cross-Site Scripting

The Cookie Notice Bar plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 1.3.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level access, to inject arbitrary...

5.5CVSS7.2AI score0.00284EPSS
Exploits0References5
Cvelist
Cvelist
added 2025/01/09 3:39 p.m.26 views

CVE-2025-22805 WordPress Skill Bar Plugin <= 1.2 - Stored Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Themepoints Skill Bar skillbars allows Stored XSS.This issue affects Skill Bar: from n/a through = 1.2...

6.5CVSS0.00206EPSS
Exploits0References1
CVE
CVE
added 2025/01/09 3:39 p.m.59 views

CVE-2025-22805

CVE-2025-22805 – Skill Bars (Theme Points) Stored XSS in WordPress The vulnerability affects the Skill Bars plugin (Theme Bars) for WordPress, with exposure to stored cross-site scripting in Skill Bar. Public references list CVE-2025-22805 and indicate the affected product as Skill Bars up to ver...

6.5CVSS7.2AI score0.00206EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/01/09 12:0 a.m.6 views

WordPress plugin Skill Bar 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in...

6.5CVSS7.6AI score0.00206EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/11/09 12:0 a.m.5 views

WordPress plugin Master Bar 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

7.1CVSS8.2AI score0.00275EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/11/04 8:50 a.m.6 views

WordPress Master Bar plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro Soares de Alcântara - Kinorth Patchstack Alliance in WordPress Plugin Master Bar versions = 1.0...

7.1CVSS6.1AI score0.00275EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/10/21 12:0 a.m.15 views

WordPress Risk Warning Bar Plugin <= 1.0 is vulnerable to Cross Site Scripting (XSS)

Software Risk Warning Bar Type Plugin Vulnerable versions = 1.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-49638 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 36cfba44579b Credits Mika Required privilege...

7.1CVSS6.8AI score0.00322EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/10/17 12:0 a.m.6 views

WordPress Social Share With Floating Bar Plugin <= 1.0.3 is vulnerable to Cross Site Scripting (XSS)

Software Social Share With Floating Bar Type Plugin Vulnerable versions = 1.0.3 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-8790 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 2ad955a877b0 Credits vgo0...

6.1CVSS5.6AI score0.00309EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/07/11 10:7 a.m.4 views

WordPress SKT Skill Bar plugin <= 2.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Jean Tirstan T Patchstack Alliance in WordPress Plugin SKT Skill Bar versions = 2.0...

6.5CVSS6.1AI score0.00253EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/07/06 4:37 p.m.4 views

WordPress WordPress Notification Bar plugin <= 1.3.10 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Sharanabasappa Patchstack Alliance in WordPress Plugin WordPress Notification Bar versions = 1.3.10...

5.9CVSS6.1AI score0.00276EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/04/15 12:49 p.m.6 views

WordPress Top Bar plugin < 3.0.5 - Admin+ Stored XSS vulnerability

Admin+ Stored XSS vulnerability discovered by Dmitrii Ignatyev in WordPress Plugin Top Bar versions 3.0.5...

4.8CVSS7.4AI score0.00441EPSS
Exploits2References1Affected Software1
OSV
OSV
added 2024/04/15 5:15 a.m.4 views

CVE-2024-1660

The Top Bar WordPress plugin before 3.0.5 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

4.8CVSS7.3AI score0.00441EPSS
Exploits2References1
Cvelist
Cvelist
added 2024/04/15 5:0 a.m.22 views

CVE-2024-1660 Top Bar < 3.0.5 - Admin+ Stored XSS

The Top Bar WordPress plugin before 3.0.5 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.5AI score0.00441EPSS
Exploits2References1
CNNVD
CNNVD
added 2024/04/15 12:0 a.m.7 views

WordPress Plugin Top Bar 安全漏洞

WordPress and the WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. WordPress is a blogging platform developed using the PHP language, which supports personal blogs on PHP and MySQL servers. A security vulnerability exis...

4.8CVSS7.7AI score0.00441EPSS
Exploits2References2
Vulnrichment
Vulnrichment
added 2024/04/11 12:28 p.m.12 views

CVE-2024-31928 WordPress Top Bar plugin <= 3.0.5 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WP Darko Top Bar allows Stored XSS.This issue affects Top Bar: from n/a through 3.0.5...

5.9CVSS5.2AI score0.00355EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/04/10 1:15 p.m.4 views

WordPress Top Bar plugin <= 3.0.5 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Joel Indra Patchstack Alliance in WordPress Plugin Top Bar versions = 3.0.5...

5.9CVSS6.2AI score0.00355EPSS
Exploits0Affected Software1
Rows per page
Query Builder