CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1083 matches found

NVD•added 2022/11/08 7:15 p.m.•11 views

CVE-2022-27855

Cross-Site Request Forgery CSRF vulnerability in Fatcat Apps Analytics Cat plugin = 1.0.9 on WordPress allows Plugin Settings Change...

5.4CVSS0.00103EPSS

Exploits0References2

OSV•added 2022/11/08 7:15 p.m.•1 views

CVE-2022-27855

Cross-Site Request Forgery CSRF vulnerability in Fatcat Apps Analytics Cat plugin = 1.0.9 on WordPress allows Plugin Settings Change...

4.3CVSS5.8AI score0.00103EPSS

Exploits0References2

Prion•added 2022/11/08 7:15 p.m.•15 views

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in Fatcat Apps Analytics Cat plugin = 1.0.9 on WordPress allows Plugin Settings Change...

4.3CVSS4.8AI score0.00103EPSS

Exploits0References2Affected Software1

Cvelist•added 2022/11/08 6:30 p.m.•13 views

CVE-2022-27855 WordPress Analytics Cat plugin <= 1.0.9 - Plugin Settings change via Cross-Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Fatcat Apps Analytics Cat plugin = 1.0.9 on WordPress allows Plugin Settings Change...

5.4CVSS5.9AI score0.00103EPSS

Exploits0References2

CVE•added 2022/11/08 6:30 p.m.•65 views

CVE-2022-27855

The CVE-2022-27855 CSRF vulnerability affects the Fatcat Apps Analytics Cat plugin for WordPress (versions ≤ 1.0.9). The issue allows an attacker to change plugin settings due to CSRF, enabling unintended configuration changes. Reported root cause is a cross-site request forgery flaw in plugin se...

5.4CVSS4.8AI score0.00103EPSS

Exploits0References2Affected Software1

CNNVD•added 2022/11/08 12:0 a.m.•2 views

WordPress plugin Analytics Cat 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...

5.4CVSS5.1AI score0.00103EPSS

Exploits0References3

Positive Technologies•added 2022/11/08 12:0 a.m.•3 views

PT-2022-18644 · Fatcat Apps · Fatcat Apps Analytics Cat Plugin

Name of the Vulnerable Software and Affected Versions: Fatcat Apps Analytics Cat plugin versions = 1.0.9 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability that allows changes to plugin settings. Recommendations: For Fatcat Apps Analytics Cat plugin versions = 1.0.9, update...

5.4CVSS4.5AI score0.00103EPSS

Exploits0References5

CNNVD•added 2022/10/28 12:0 a.m.•1 views

SEMCMS SQL注入漏洞

SEMCMS is a multilingual content management system CMS for foreign trade websites. A SQL injection vulnerability exists in SEMCMS SHOP version 1.1, which originates from a SQL injection issue in AntBlogCat.php...

9.8CVSS8.6AI score0.00732EPSS

Exploits0References3

OSV•added 2022/10/21 4:15 p.m.•1 views

CVE-2022-40311

Auth. admin+ Stored Cross-Site Scripting XSS in Fatcat Apps Analytics Cat plugin = 1.0.9 on WordPress...

4.8CVSS5.8AI score0.00314EPSS

Exploits0References2

NVD•added 2022/10/21 4:15 p.m.•12 views

CVE-2022-40311

Auth. admin+ Stored Cross-Site Scripting XSS in Fatcat Apps Analytics Cat plugin = 1.0.9 on WordPress...

4.8CVSS0.00314EPSS

Exploits0References2

Prion•added 2022/10/21 4:15 p.m.•12 views

Cross site scripting

Auth. admin+ Stored Cross-Site Scripting XSS in Fatcat Apps Analytics Cat plugin = 1.0.9 on WordPress...

4.3CVSS4.8AI score0.00314EPSS

Exploits0References2Affected Software1

Cvelist•added 2022/10/21 3:32 p.m.•12 views

CVE-2022-40311 WordPress Analytics Cat plugin <= 1.0.9 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Auth. admin+ Stored Cross-Site Scripting XSS in Fatcat Apps Analytics Cat plugin = 1.0.9 on WordPress...

4.8CVSS5.1AI score0.00314EPSS

Exploits0References2

CVE•added 2022/10/21 3:32 p.m.•58 views

CVE-2022-40311

The CVE-2022-40311 entry concerns the WordPress plugin Analytics Cat by Fatcat Apps, affected in versions

4.8CVSS4.9AI score0.00314EPSS

Exploits0References2Affected Software1

Vulnrichment•added 2022/10/21 3:32 p.m.•11 views

CVE-2022-40311 WordPress Analytics Cat plugin <= 1.0.9 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Auth. admin+ Stored Cross-Site Scripting XSS in Fatcat Apps Analytics Cat plugin = 1.0.9 on WordPress...

4.8CVSS4.9AI score0.00314EPSS

Exploits0References2

CNNVD•added 2022/10/21 12:0 a.m.•2 views

WordPress Plugin Fatcat Apps Analytics Cat 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

4.8CVSS5AI score0.00314EPSS

Exploits0References3

WPVulnDB•added 2022/09/29 12:0 a.m.•15 views

Analytics Cat < 1.1.0 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

4.8CVSS2.4AI score0.00314EPSS

Exploits0Affected Software1

Patchstack•added 2022/09/29 12:0 a.m.•25 views

WordPress Analytics Cat plugin <= 1.0.9 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Vlad Vector Patchstack in WordPress Analytics Cat plugin versions = 1.0.9. Solution Update the WordPress Analytics Cat plugin to the latest available version at least 1.1.0...

4.8CVSS2.4AI score0.00314EPSS

Exploits0Affected Software1

Openbugbounty•added 2022/08/03 6:27 p.m.•17 views

berthoud.catalog.aspencat.info Cross Site Scripting vulnerability OBB-2825079

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score

Exploits0

vulnersOsv•added 2022/07/20 1:36 a.m.•0 views

cc.catalysts.boot:cat-boot-javamelody (>=0.0.4 <=0.2.28), net.bull.javamelody:javamelody-collector-server (>=1.57.0 <=1.60.0) +1 more potentially affected by CVE-2016-1000273 via net.bull.javamelody:javamelody-core (>=1.10.0 <=1.60.0)

net.bull.javamelody:javamelody-core MAVEN version =1.10.0, =0.0.4, =1.57.0, =1.10.0, =1.60.0 Source cves: CVE-2016-1000273 Source advisory: OSV:GHSA-CQHR-JQVC-QW9P...

5.8AI score

Exploits0

NVD•added 2022/06/21 3:15 p.m.•13 views

CVE-2022-27868

A maliciously crafted CAT file in Autodesk AutoCAD 2023 can be used to trigger use-after-free vulnerability. Exploitation of this vulnerability may lead to code execution...

7.8CVSS0.00515EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by