Lucene search
K

2674 matches found

CNNVD
CNNVD
added 2023/05/26 12:0 a.m.5 views

highlight.io 安全漏洞

highlight.io is open source full stack monitoring platform. Error monitoring, session replay, logging and more. A security vulnerability exists in highlight.io versions prior to 6.0.0 that stems from unintentionally logging password values when using the Show Password button...

6.5CVSS6.4AI score0.00285EPSS
Exploits0References3
Patchstack
Patchstack
added 2023/05/25 12:0 a.m.12 views

WordPress Button Generator – easily Button Builder Plugin <= 2.3.5 is vulnerable to Cross Site Request Forgery (CSRF)

Software Button Generator – easily Button Builder Type Plugin Vulnerable versions = 2.3.5 Fixed in 2.3.6 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-25443 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID ad530edff5de...

6.5CVSS6.6AI score0.00218EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2023/05/23 1:15 p.m.4 views

CVE-2023-25481

Cross-Site Request Forgery CSRF vulnerability in Podlove Podlove Subscribe button plugin = 1.3.7 versions...

8.8CVSS7.3AI score
Exploits0References1
NVD
NVD
added 2023/05/23 1:15 p.m.16 views

CVE-2023-25481

Cross-Site Request Forgery CSRF vulnerability in Podlove Podlove Subscribe button plugin = 1.3.7 versions...

8.8CVSS6.5AI score0.00248EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/05/23 12:26 p.m.11 views

CVE-2023-25481 WordPress Podlove Subscribe button Plugin <= 1.3.7 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in Podlove Podlove Subscribe button plugin = 1.3.7 versions...

5.4CVSS7.1AI score0.00248EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/05/23 12:0 a.m.4 views

PT-2023-20100 · Podlove · Podlove Subscribe Button Plugin

Name of the Vulnerable Software and Affected Versions: Podlove Podlove Subscribe button plugin versions 1.3.7 and earlier Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability. This type of vulnerability allows an attacker to trick a user into performing unintended...

8.8CVSS8.8AI score0.00248EPSS
Exploits0References4
Cvelist
Cvelist
added 2023/05/21 12:0 a.m.22 views

CVE-2023-33254

There is an LDAP bind credentials exposure on KACE Systems Deployment and Remote Site appliances 9.0.146. The captured credentials may provide a higher privilege level on the Active Directory domain. To exploit this, an authenticated attacker edits the user-authentication settings to specify an...

6.7AI score0.03211EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2023/05/21 12:0 a.m.5 views

PT-2023-24248 · Quest · Kace Systems Deployment/Remote Site Appliances

Name of the Vulnerable Software and Affected Versions: KACE Systems Deployment and Remote Site appliances version 9.0.146 Description: There is an LDAP bind credentials exposure. The captured credentials may provide a higher privilege level on the Active Directory domain. To exploit this, an...

6.5CVSS7.2AI score0.03211EPSS
Exploits1References4
OSV
OSV
added 2023/05/12 3:15 p.m.6 views

CVE-2023-23867

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Gautam Thapar Button Builder – Buttons X plugin = 0.8.6 versions...

5.4CVSS6.7AI score0.00361EPSS
Exploits0References1
NVD
NVD
added 2023/05/12 3:15 p.m.25 views

CVE-2023-23867

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Gautam Thapar Button Builder – Buttons X plugin = 0.8.6 versions...

6.5CVSS5.8AI score0.00361EPSS
Exploits0References1
Prion
Prion
added 2023/05/12 3:15 p.m.14 views

Cross site scripting

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Gautam Thapar Button Builder – Buttons X plugin = 0.8.6 versions...

4.9CVSS5.2AI score0.00361EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/05/12 2:39 p.m.41 views

CVE-2023-23867

CVE-2023-23867: WordPress Button Builder – Buttons X plugin

6.5CVSS5.5AI score0.00361EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/05/12 2:39 p.m.23 views

CVE-2023-23867 WordPress Button Builder – Buttons X Plugin <= 0.8.6 is vulnerable to Cross Site Scripting (XSS)

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Gautam Thapar Button Builder – Buttons X plugin = 0.8.6 versions...

6.5CVSS6AI score0.00361EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/05/12 12:0 a.m.2 views

WordPress Plugin Button Builder – Buttons X 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...

6.5CVSS6.5AI score0.00361EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/05/12 12:0 a.m.7 views

WordPress Plugin Button Builder – Buttons X 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

7.8CVSS7.4AI score0.0022EPSS
Exploits0References3
Patchstack
Patchstack
added 2023/05/12 12:0 a.m.8 views

WordPress Button Plugin <= 1.1.23 is vulnerable to Cross Site Scripting (XSS)

Software Button Type Plugin Vulnerable versions = 1.1.23 Fixed in 1.1.24 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-23871 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 53d7594604e4 Credits yuyudhn Required privilege...

5.9CVSS5.8AI score0.00366EPSS
Exploits0References2Affected Software1
RedHat Linux
RedHat Linux
added 2023/05/09 10:2 a.m.5 views

xorg-x11-server: XIPassiveUngrab out-of-bounds access

A vulnerability was found in X.Org. This issue occurs because the handler for the XIPassiveUngrab request accesses out-of-bounds memory when invoked with a high keycode or button code. This flaw can lead to local privilege elevation on systems where the X server runs privileged and remote code...

8.8CVSS6.4AI score0.02516EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2023/05/09 9:50 a.m.4 views

xorg-x11-server: XIPassiveUngrab out-of-bounds access

A vulnerability was found in X.Org. This issue occurs because the handler for the XIPassiveUngrab request accesses out-of-bounds memory when invoked with a high keycode or button code. This flaw can lead to local privilege elevation on systems where the X server runs privileged and remote code...

8.8CVSS6.4AI score0.02516EPSS
Exploits0References4
vulnersOsv
vulnersOsv
added 2023/05/07 2:15 a.m.5 views

admin-tool-button (>=1.0.1a0 <=1.0.5a0), aedttest (=0.0.2) +115 more potentially affected by CVE-2023-31047 via django (>=3.2.0 <=3.2.18)

django PYPI version =3.2.0, =1.0.1a0, =2.0.0, =0.0.1, =6.2.0, =0.2.0, =22.0.0.dev21, =22.0.0.dev13, =22.0.0.dev29, =0.1.26, =0.1.27 and more Source cves: CVE-2023-31047 Source advisory: OSV:PYSEC-2023-61...

9.8CVSS6.8AI score0.0138EPSS
Exploits0
OSV
OSV
added 2023/05/03 11:15 a.m.6 views

CVE-2023-25783

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Alex Moss FireCask Like & Share Button plugin = 1.1.5 versions...

4.8CVSS6.6AI score0.00369EPSS
Exploits0References1
Rows per page
Query Builder