Lucene search
K

98 matches found

Patchstack
Patchstack
added 2024/04/10 12:0 a.m.9 views

WordPress Top Bar Plugin <= 3.0.5 is vulnerable to Cross Site Scripting (XSS)

Software Top Bar Type Plugin Vulnerable versions = 3.0.5 Fixed in 3.0.6 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-31928 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 1fe06e1756b5 Credits Joel Indra Required privilege Administrator...

5.9CVSS6.6AI score0.00355EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2024/04/02 12:0 a.m.7 views

PT-2024-18207 · WordPress · Top Bar Wordpress Plugin

Name of the Vulnerable Software and Affected Versions: Top Bar WordPress plugin versions prior to 3.0.5 Description: The issue allows high privilege users, such as admins, to perform Stored Cross-Site Scripting attacks, even when the unfiltered html capability is disallowed, for example, in...

4.8CVSS7.9AI score0.00441EPSS
Exploits2References7
Vulnrichment
Vulnrichment
added 2024/01/11 8:32 a.m.6 views

CVE-2023-7048 My Sticky Bar <= 2.6.6 - Cross-Site Request Forgery to Sensitive Information Exposure

The My Sticky Bar plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.6.6. This is due to missing or incorrect nonce validation in mystickymenu-contact-leads.php. This makes it possible for unauthenticated attackers to trigger the export of a C...

3.1CVSS6.5AI score0.00211EPSS
Exploits0References2
Patchstack
Patchstack
added 2024/01/04 12:0 a.m.15 views

WordPress My Sticky Bar Plugin <= 2.6.6 is vulnerable to Cross Site Request Forgery (CSRF)

Software My Sticky Bar Type Plugin Vulnerable versions = 2.6.6 Fixed in 2.6.7 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-7048 Patch priority Low CVSS severity Low 3.1 Developer Claim ownership PSID 50c4e2183073 Credits Ulyses Saicha Required...

4.3CVSS6.6AI score0.00211EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2023/12/14 2:10 p.m.25 views

CVE-2023-49836 WordPress Cookie Bar Plugin <= 2.0 is vulnerable to Cross Site Scripting (XSS)

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Brontobytes Cookie Bar allows Stored XSS.This issue affects Cookie Bar: from n/a through 2.0...

5.9CVSS5.9AI score0.00374EPSS
Exploits0References1
OSV
OSV
added 2023/11/06 10:15 a.m.4 views

CVE-2023-47184

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Proper Fraction LLC. Admin Bar & Dashboard Access Control plugin = 1.2.8 versions...

4.8CVSS7.3AI score0.00357EPSS
Exploits2References1
OSV
OSV
added 2023/10/02 9:15 a.m.6 views

CVE-2023-41847

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in WEN Solutions Notice Bar plugin = 3.1.0 versions...

5.4CVSS5.8AI score0.00303EPSS
Exploits0References1
NVD
NVD
added 2023/10/02 9:15 a.m.16 views

CVE-2023-41847

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in WEN Solutions Notice Bar plugin = 3.1.0 versions...

6.5CVSS5.8AI score0.00303EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/10/02 8:36 a.m.13 views

CVE-2023-41847 WordPress Notice Bar Plugin <= 3.1.0 is vulnerable to Cross Site Scripting (XSS)

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in WEN Solutions Notice Bar plugin = 3.1.0 versions...

6.5CVSS5.6AI score0.00303EPSS
Exploits0References1
CVE
CVE
added 2023/10/02 8:36 a.m.56 views

CVE-2023-41847

CVE-2023-41847 affects the WordPress plugin Notice Bar (WEN Solutions) with versions

6.5CVSS5.5AI score0.00303EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2023/10/02 12:0 a.m.3 views

PT-2023-28077 · Wpgens · Swifty Bar

Name of the Vulnerable Software and Affected Versions: Swifty Bar, sticky bar by WPGens plugin versions = 1.2.10 Description: The issue is related to a Stored Cross-Site Scripting XSS vulnerability that affects users with admin+ authentication. This allows for malicious scripts to be stored on th...

5.9CVSS5.2AI score0.0031EPSS
Exploits0References5
Packet Storm
Packet Storm
added 2023/06/05 12:0 a.m.270 views

WordPress Circle Progress 1.0 Cross Site Scripting

Exploit Title: WordPress Plugin Circle progress bar – Cross site scripting-Stored Date: 2-06-2023 Exploit Author: Taliya Bilal- NightHawk Vendor Homepage: https://wordpress.org/plugins/circle-progress-bar/ Version: 1.0 Tested on: Firefox Contact me: [email protected] Steps to reproduce: 1...

7.1AI score
Exploits0
OSV
OSV
added 2023/05/29 3:15 p.m.4 views

CVE-2023-23699

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Chris Reynolds Progress Bar plugin = 2.2.1 versions...

5.4CVSS6.7AI score0.00361EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/05/29 12:0 a.m.2 views

WordPress plugin Progress Bar 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site scripting vulnerability exists in the...

6.5CVSS6.5AI score0.00361EPSS
Exploits0References3
CVE
CVE
added 2023/05/08 9:57 p.m.42 views

CVE-2023-23894

CVE-2023-23894 pertains to a Stored XSS in the Surbma GDPR Proof Cookie Consent & Notice Bar plugin for WordPress (versions

6.5CVSS5.4AI score0.00361EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2023/04/07 12:15 p.m.22 views

CVE-2023-23994

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Marcel Bootsman Auto Hide Admin Bar plugin = 1.6.1 versions...

5.9CVSS5.4AI score0.00392EPSS
Exploits0References1
OSV
OSV
added 2023/04/07 12:15 p.m.5 views

CVE-2023-23994

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Marcel Bootsman Auto Hide Admin Bar plugin = 1.6.1 versions...

4.8CVSS5.8AI score0.00392EPSS
Exploits0References1
Prion
Prion
added 2023/04/07 12:15 p.m.20 views

Cross site scripting

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Marcel Bootsman Auto Hide Admin Bar plugin = 1.6.1 versions...

4.3CVSS4.9AI score0.00392EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/04/07 11:51 a.m.31 views

CVE-2023-23994 WordPress Auto Hide Admin Bar Plugin <= 1.6.1 is vulnerable to Cross Site Scripting (XSS)

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Marcel Bootsman Auto Hide Admin Bar plugin = 1.6.1 versions...

5.9CVSS5.5AI score0.00392EPSS
Exploits0References1
NVD
NVD
added 2023/03/11 9:15 p.m.27 views

CVE-2013-10021

A vulnerability was found in dd32 Debug Bar Plugin up to 0.8 on WordPress. It has been declared as problematic. Affected by this vulnerability is the function render of the file panels/class-debug-bar-queries.php. The manipulation leads to cross site scripting. The attack can be launched remotely...

6.1CVSS4.5AI score0.00559EPSS
Exploits0References4
Rows per page
Query Builder