Lucene search
+L

106 matches found

cvelist
cvelist
added 2024/01/24 2:50 p.m.33 views

CVE-2024-22141 WordPress Profile Builder Pro Plugin <= 3.10.0 is vulnerable to Sensitive Data Exposure

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Cozmoslabs Profile Builder Pro.This issue affects Profile Builder Pro: from n/a through 3.10.0...

6.5CVSS7.7AI score0.00492EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2024/01/24 12:0 a.m.6 views

PT-2024-19228 · Cozmoslabs · Profile Builder

Name of the Vulnerable Software and Affected Versions: Profile Builder Pro versions 3.10.0 and earlier Description: The issue is related to the exposure of sensitive information to an unauthorized actor. This is a vulnerability in Cozmoslabs Profile Builder Pro. Recommendations: For versions 3.10...

7.5CVSS7.6AI score0.00492EPSS
Exploits0References6
cnnvd
cnnvd
added 2024/01/24 12:0 a.m.6 views

WordPress plugin Profile Builder Pro Information Disclosure Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. An information disclosure...

7.5CVSS6AI score0.00492EPSS
Exploits0References2
osv
osv
added 2024/01/13 12:15 a.m.4 views

CVE-2024-22142

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Cozmoslabs Profile Builder Pro allows Reflected XSS.This issue affects Profile Builder Pro: from n/a through 3.10.0...

6.1CVSS5.8AI score0.00331EPSS
Exploits0References1
nvd
nvd
added 2024/01/13 12:15 a.m.24 views

CVE-2024-22142

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Cozmoslabs Profile Builder Pro allows Reflected XSS.This issue affects Profile Builder Pro: from n/a through 3.10.0...

7.1CVSS6.9AI score0.00331EPSS
Exploits0References1
prion
prion
added 2024/01/13 12:15 a.m.20 views

Cross site scripting

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Cozmoslabs Profile Builder Pro allows Reflected XSS.This issue affects Profile Builder Pro: from n/a through 3.10.0...

5.8CVSS7.1AI score0.00331EPSS
Exploits0References1Affected Software1
cve
cve
added 2024/01/12 11:17 p.m.45 views

CVE-2024-22142

CVE-2024-22142 is a cross-site scripting (Reflected XSS) vulnerability in Cozmoslabs Profile Builder Pro (versions

7.1CVSS7AI score0.00331EPSS
Exploits0References1Affected Software1
vulnrichment
vulnrichment
added 2024/01/12 11:17 p.m.16 views

CVE-2024-22142 WordPress Profile Builder Pro Plugin <= 3.10.0 is vulnerable to Cross Site Scripting (XSS)

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Cozmoslabs Profile Builder Pro allows Reflected XSS.This issue affects Profile Builder Pro: from n/a through 3.10.0...

7.1CVSS6.9AI score0.00331EPSS
Exploits0References1
cvelist
cvelist
added 2024/01/12 11:17 p.m.35 views

CVE-2024-22142 WordPress Profile Builder Pro Plugin <= 3.10.0 is vulnerable to Cross Site Scripting (XSS)

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Cozmoslabs Profile Builder Pro allows Reflected XSS.This issue affects Profile Builder Pro: from n/a through 3.10.0...

7.1CVSS7.2AI score0.00331EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2024/01/12 12:0 a.m.4 views

PT-2024-19229 · Cozmoslabs · Profile Builder

Name of the Vulnerable Software and Affected Versions: Cozmoslabs Profile Builder Pro versions 3.10.0 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Reflected XSS. This means that an...

7.1CVSS6.6AI score0.00331EPSS
Exploits0References7
patchstack
patchstack
added 2024/01/10 12:0 a.m.12 views

WordPress Profile Builder Pro Plugin <= 3.10.0 is vulnerable to Cross Site Scripting (XSS)

Software Profile Builder Pro Type Plugin Vulnerable versions = 3.10.0 Fixed in 3.10.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-22142 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 458e79568c87 Credits Dave Jong Patchstack...

7.1CVSS6.5AI score0.00331EPSS
Exploits0References1Affected Software1
patchstack
patchstack
added 2024/01/10 12:0 a.m.12 views

WordPress Profile Builder Pro Plugin <= 3.10.0 is vulnerable to Sensitive Data Exposure

Software Profile Builder Pro Type Plugin Vulnerable versions = 3.10.0 Fixed in 3.10.1 OWASP Top 10 A1: Broken Access Control Classification Sensitive Data Exposure CVE CVE-2024-22141 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID d6301bb29b09 Credits Dave Jong...

7.5CVSS6.5AI score0.00492EPSS
Exploits0References1Affected Software1
patchstack
patchstack
added 2024/01/10 12:0 a.m.11 views

WordPress Profile Builder Pro Plugin <= 3.10.0 is vulnerable to Cross Site Request Forgery (CSRF)

Software Profile Builder Pro Type Plugin Vulnerable versions = 3.10.0 Fixed in 3.10.1 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-22140 Patch priority Low CVSS severity Low 8.8 Developer Claim ownership PSID 81245bbcdd5e Credits Dave Jong...

8.8CVSS6.6AI score0.00263EPSS
Exploits0References1Affected Software1
intel
intel
added 2023/03/10 12:0 a.m.33 views

Intel® Quartus® Advisory

This advisory contains CVEs in Altera products and has been transferred to Altera for support. The updated advisory can be found at the link below: https://www.altera.com/product-security/advisory-archive/intel-sa-00632.html...

6AI score
Exploits0
nvd
nvd
added 2022/02/09 11:15 p.m.26 views

CVE-2022-21205

Improper restriction of XML external entity reference in DSP Builder Pro for IntelR QuartusR Prime Pro Edition before version 21.3 may allow an unauthenticated user to potentially enable information disclosure via network access...

7.5CVSS0.01087EPSS
Exploits0References1
osv
osv
added 2022/02/09 11:15 p.m.5 views

CVE-2022-21205

Improper restriction of XML external entity reference in DSP Builder Pro for IntelR QuartusR Prime Pro Edition before version 21.3 may allow an unauthenticated user to potentially enable information disclosure via network access...

7.5CVSS5.8AI score0.01087EPSS
Exploits0References1
prion
prion
added 2022/02/09 11:15 p.m.16 views

Xxe

Improper restriction of XML external entity reference in DSP Builder Pro for IntelR QuartusR Prime Pro Edition before version 21.3 may allow an unauthenticated user to potentially enable information disclosure via network access...

5CVSS7.3AI score0.01087EPSS
Exploits0References1Affected Software1
cvelist
cvelist
added 2022/02/09 10:4 p.m.31 views

CVE-2022-21205

Improper restriction of XML external entity reference in DSP Builder Pro for IntelR QuartusR Prime Pro Edition before version 21.3 may allow an unauthenticated user to potentially enable information disclosure via network access...

7.5AI score0.01087EPSS
Exploits0References1
wpvulndb
wpvulndb
added 2020/12/02 12:0 a.m.14 views

Profile Builder & Profile Builder Pro < 3.3.3 - Authenticated Blind SQL Injection

The orderby parameter of the wp-admin/users.php?page=unconfirmedemails=email=asc page, which is available when the "Email confirmation" setting of the plugin is activated default is off, is not properly sanitised and validated before being concatenated in a SQL statement, leading to an SQL...

8AI score
Exploits0References1Affected Software2
patchstack
patchstack
added 2020/12/02 12:0 a.m.10 views

WordPress Profile Builder Pro premium plugin <= 3.3.2 - Authenticated Blind SQL Injection (SQLi) vulnerability

Authenticated Blind SQL Injection SQLi vulnerability found by Lenon Leite in WordPress Profile Builder Pro premium plugin versions = 3.3.2. Solution Update the WordPress Profile Builder Pro premium plugin to the latest available version at least 3.3.3...

3.5AI score
Exploits0References1Affected Software1
Rows per page
Query Builder