Lucene search
K

2352 matches found

Cvelist
Cvelist
added 2025/02/13 1:52 p.m.19 views

CVE-2025-26551 WordPress Bootstrap collapse plugin <= 1.0.4 - CSRF to Stored Cross-Site Scripting vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in sureshdsk Bootstrap collapse bootstrap-collapse allows Stored XSS.This issue affects Bootstrap collapse: from n/a through = 1.0.4...

7.1CVSS0.00231EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/02/13 12:47 p.m.6 views

WordPress Bootstrap collapse plugin <= 1.0.4 - CSRF to Stored Cross-Site Scripting vulnerability

CSRF to Stored Cross-Site Scripting vulnerability discovered by Abdi Pranata in WordPress Plugin Bootstrap collapse versions = 1.0.4...

7.1CVSS5.8AI score0.00231EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/02/13 9:35 a.m.8 views

Security Bulletin: IBM Maximo Application Suite - Monitor Component is vulnerable to bootstrap-4.6.2 CVE-2024-6531

Summary IBM Maximo Application Suite - Monitor Component is vulnerable to bootstrap-4.6.2 CVE-2024-6531. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2024-6531 DESCRIPTION: Node.js Bootstrap module is vulnerable to cross-site scripting...

6.6AI score
Exploits0Affected Software1
CNNVD
CNNVD
added 2025/02/13 12:0 a.m.3 views

WordPress plugin Bootstrap collapse 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

7.1CVSS7.7AI score0.00231EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 12:32 p.m.6 views

CVE-2024-43140

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in G5Theme Ultimate Bootstrap Elements for Elementor allows PHP Local File Inclusion.This issue affects Ultimate Bootstrap Elements for Elementor: from n/a through 1.4.4...

8.8CVSS6.8AI score0.00582EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 5:59 a.m.3 views

CVE-2024-49677

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in David Cramer Bootstrap Buttons bootstrap-buttons allows Reflected XSS.This issue affects Bootstrap Buttons: from n/a through = 1.2...

7.1CVSS7.2AI score0.00313EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 12:44 a.m.6 views

CVE-2024-37462

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in G5Theme Ultimate Bootstrap Elements for Elementor allows Path Traversal.This issue affects Ultimate Bootstrap Elements for Elementor: from n/a through 1.4.2...

8.8CVSS6.8AI score0.00575EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/02/04 10:21 p.m.7 views

CVE-2024-53824

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in allbootstrapblocks All Bootstrap Blocks all-bootstrap-blocks allows PHP Local File Inclusion.This issue affects All Bootstrap Blocks: from n/a through = 1.3.19...

7.5CVSS7.2AI score0.00578EPSS
Exploits0References1
OSV
OSV
added 2025/01/30 2:15 p.m.6 views

CVE-2024-13549

The All Bootstrap Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the "Accordion" widget in all versions up to, and including, 1.3.26 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level...

5.4CVSS5.9AI score0.00237EPSS
Exploits0References2
CVE
CVE
added 2025/01/30 1:42 p.m.51 views

CVE-2024-13549

CVE-2024-13549 affects the WordPress plugin All Bootstrap Blocks. It is a Stored Cross-Site Scripting (XSS) vulnerability in the Accordion widget, exploitable in all versions up to 1.3.26 due to insufficient input sanitization and output escaping. The issue requires at least Contributor-level aut...

6.4CVSS5.7AI score0.00237EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2025/01/30 1:42 p.m.17 views

CVE-2024-13549 All Bootstrap Blocks <= 1.3.26 - Authenticated (Contributor+) Stored Cross-Site Scripting

The All Bootstrap Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the "Accordion" widget in all versions up to, and including, 1.3.26 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level...

6.4CVSS0.00237EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/01/30 1:42 p.m.8 views

CVE-2024-13549 All Bootstrap Blocks <= 1.3.26 - Authenticated (Contributor+) Stored Cross-Site Scripting

The All Bootstrap Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the "Accordion" widget in all versions up to, and including, 1.3.26 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level...

6.4CVSS5.8AI score0.00237EPSS
Exploits0References2
Patchstack
Patchstack
added 2025/01/30 7:23 a.m.5 views

WordPress All Bootstrap Blocks plugin <= 1.3.26 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Nishiv in WordPress Plugin All Bootstrap Blocks versions = 1.3.26...

6.4CVSS5.7AI score0.00237EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2025/01/30 12:0 a.m.7 views

PT-2025-2215 · WordPress · Bootstrap Blocks

Name of the Vulnerable Software and Affected Versions: All Bootstrap Blocks plugin for WordPress versions up to and including 1.3.26 Description: The issue is related to Stored Cross-Site Scripting via the Accordion widget due to insufficient input sanitization and output escaping. This allows...

6.4CVSS8AI score0.00237EPSS
Exploits0References6
CNNVD
CNNVD
added 2025/01/30 12:0 a.m.5 views

WordPress plugin All Bootstrap Blocks 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...

6.4CVSS8.2AI score0.00237EPSS
Exploits0References2
Patchstack
Patchstack
added 2025/01/24 9:40 a.m.5 views

WordPress Bootstrap Ultimate theme <= 1.4.9 - Unauthenticated Limited Local File Inclusion vulnerability

Unauthenticated Limited Local File Inclusion vulnerability discovered by Aril Aprilio forsak3n in WordPress Theme Bootstrap Ultimate versions = 1.4.9...

9.8CVSS7AI score0.01257EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2025/01/24 9:15 a.m.3 views

CVE-2024-13545

The Bootstrap Ultimate theme for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.4.9 via the path parameter. This makes it possible for unauthenticated attackers to include PHP files on the server, allowing the execution of any PHP code in those files. This...

9.8CVSS6.2AI score0.01257EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/01/24 8:23 a.m.6 views

CVE-2024-13545 Bootstrap Ultimate <= 1.4.9 - Unauthenticated Limited Local File Inclusion

The Bootstrap Ultimate theme for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.4.9 via the path parameter. This makes it possible for unauthenticated attackers to include PHP files on the server, allowing the execution of any PHP code in those files. This...

9.8CVSS9.9AI score0.01257EPSS
Exploits0References2
CVE
CVE
added 2025/01/24 8:23 a.m.57 views

CVE-2024-13545

CVE-2024-13545 affects Bootstrap Ultimate theme for WordPress (versions up to 1.4.9). Description: unauthenticated Local File Inclusion via the path parameter allows including PHP files on the server and executing code in those files; if php://filter is enabled, this may lead to Remote Code Execu...

9.8CVSS9.9AI score0.01257EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2025/01/24 8:23 a.m.22 views

CVE-2024-13545 Bootstrap Ultimate <= 1.4.9 - Unauthenticated Limited Local File Inclusion

The Bootstrap Ultimate theme for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.4.9 via the path parameter. This makes it possible for unauthenticated attackers to include PHP files on the server, allowing the execution of any PHP code in those files. This...

9.8CVSS0.01257EPSS
Exploits0References2
Rows per page
Query Builder