Lucene search
K

28 matches found

CVE
CVE
added 2025/08/16 3:38 a.m.24 views

CVE-2025-7440

CVE-2025-7440 affects the WordPress plugin Anber Elementor Addon , with a Stored Cross-Site Scripting vulnerability in the parameter $item['button_link']['url'] in all versions up to 1.0.1. Exploitation requires authenticated access at Contributor level or higher, and an injected page can execute...

6.4CVSS5.9AI score0.00226EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/08/16 12:0 a.m.7 views

PT-2025-33526 · WordPress · Anber Elementor Addon

Name of the Vulnerable Software and Affected Versions: Anber Elementor Addon versions up to and including 1.0.1 Description: The Anber Elementor Addon plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the $item'button link''url' parameter due to insufficient input sanitization...

6.4CVSS5.6AI score0.00226EPSS
Exploits0References6
OSV
OSV
added 2025/02/28 9:15 a.m.2 views

CVE-2024-13469

The Pricing Table by PickPlugins plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Button Link in all versions up to, and including, 1.12.10 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-lev...

5.4CVSS7.4AI score0.00197EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/02/28 12:0 a.m.7 views

PT-2025-9067 · WordPress · The Pricing Table

Name of the Vulnerable Software and Affected Versions: The Pricing Table by PickPlugins plugin for WordPress versions up to, and including, 1.12.10 Description: The issue is related to Stored Cross-Site Scripting via the Button Link due to insufficient input sanitization and output escaping. This...

6.4CVSS8AI score0.00197EPSS
Exploits0References8
Patchstack
Patchstack
added 2025/01/10 9:6 p.m.5 views

WordPress Gutenberg Blocks by Kadence Blocks plugin <= 3.4.2 - Authenticated (contributor+) Stored Cross-Site Scripting via Button Link vulnerability

Authenticated contributor+ Stored Cross-Site Scripting via Button Link vulnerability discovered by zer0gh0st in WordPress Plugin Gutenberg Blocks by Kadence Blocks versions = 3.4.2...

6.4CVSS5.8AI score0.00227EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2024/03/13 4:15 p.m.5 views

CVE-2024-0896

The Beaver Builder – WordPress Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the button link parameter in all versions up to, and including, 2.7.4.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers...

5.4CVSS6AI score0.00505EPSS
Exploits0References3
Packet Storm
Packet Storm
added 2016/02/04 12:0 a.m.19 views

Getdpd Cross Site Scripting

Document Title: =============== Getdpd Bug Bounty 1 - asm0option0 Persistent Web Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1464 ID: 14770 Release Date: ============= 2016-02-02 Vulnerability Laboratory ID VL-ID:...

7.4AI score
Exploits0
The Hacker News
The Hacker News
added 2011/08/09 2:9 p.m.4 views

Tweaking Facebook Status with HTML button

Tweaking Facebook Status with HTML button Have you thought that Facebook status updates that can be modified ? Yes we have a tweak for you : One is a Button Tag. One of our Hacker Friend "Acizninja DeadcOde " , admin of https://blog.cyber4rt.com sharing such cool tweaks with The Hacker News reade...

7.2AI score
Exploits0
Rows per page
Query Builder