Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

NVD
NVDadded 2025/08/21 5:15 p.m.4 views

CVE-2025-57763

WeGIA is a Web manager for charitable institutions. Prior to 3.4.7, there is a Reflected Cross-Site Scripting XSS vulnerability in the inseredespacho.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts in the cpf sccs. This vulnerability is fixed...

6.4CVSS0.0007EPSS
Exploits1References1
OSV
OSVadded 2025/08/21 5:4 p.m.4 views

CVE-2025-57764 WeGIA Cross-Site Scripting (XSS) Reflected endpoint 'cargos.php' parameter 'msg_e'

WeGIA is a Web manager for charitable institutions. Prior to 3.4.7, a Reflected Cross-Site Scripting XSS vulnerability was identified in the cargos.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts in the msge parameter. This vulnerability is...

6.5CVSS5.7AI score0.00082EPSS
Exploits1References4
Cvelist
Cvelistadded 2025/08/21 4:59 p.m.8 views

CVE-2025-57763 Cross-Site Scripting (XSS) Reflected in 'insere_despacho.php' parameter 'sccs'

WeGIA is a Web manager for charitable institutions. Prior to 3.4.7, there is a Reflected Cross-Site Scripting XSS vulnerability in the inseredespacho.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts in the cpf sccs. This vulnerability is fixed...

6.4CVSS0.0007EPSS
Exploits1References1
Cvelist
Cvelistadded 2025/08/21 4:46 p.m.8 views

CVE-2025-57762 WeGIA Stored Cross-Site Scripting (XSS) vulnerability in the endpoint 'dependente_docdependente.php' with parameter 'nome'

WeGIA is a Web manager for charitable institutions. Prior to 3.4.7, there is a Stored Cross-Site Scripting XSS vulnerability in the dependentedocdependente.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts into the nome parameter. The injected...

6.4CVSS0.0007EPSS
Exploits1References2
RedhatCVE
RedhatCVEadded 2025/05/22 6:8 a.m.2 views

CVE-2018-20978

The wp-all-import plugin before 3.4.7 for WordPress has XSS...

6.1CVSS6.9AI score0.0021EPSS
Exploits0References1
OSV
OSVadded 2025/04/01 6:15 a.m.0 views

CVE-2025-1986

The Gutentor WordPress plugin before 3.4.7 does not sanitize and escape a parameter before using it in a SQL statement, allowing admins to perform SQL injection attacks...

4.1CVSS5.8AI score
Exploits0References1
OSV
OSVadded 2018/03/09 4:29 p.m.0 views

CVE-2018-0547

Cross-site scripting vulnerability in WP All Import plugin prior to version 3.4.7 for WordPress allows an attacker to inject arbitrary web script or HTML via unspecified vectors...

6.1CVSS5.9AI score0.00276EPSS
Exploits0References3
CNVD
CNVDadded 2018/03/08 12:0 a.m.2 views

WordPress WP All Import plugin cross-site scripting vulnerability (CNVD-2018-04771)

WordPress is a set of WordPress Software Foundation's blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in WordPress WP All Import plugin versions prior to 3.4.7, which can be exploited...

6.1CVSS6.6AI score0.00276EPSS
Exploits0References1
Rows per page
Query Builder