Lucene search
+L

27 matches found

euvd
euvd
added 2025/10/07 12:30 a.m.5 views

EUVD-2014-3778

Malware in sbrugna...

4.3CVSS6.4AI score0.01948EPSS
Exploits0References4
euvd
euvd
added 2025/10/03 8:7 p.m.3 views

EUVD-2022-42735

Malicious code in bioql PyPI...

4.8CVSS5.2AI score0.00489EPSS
Exploits2References1
redhatcve
redhatcve
added 2025/05/22 10:10 p.m.8 views

CVE-2022-3350

The Contact Bank WordPress plugin through 3.0.30 does not sanitise and escape some of its Form settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

4.8CVSS5.6AI score0.00489EPSS
Exploits2References1
redhatcve
redhatcve
added 2025/05/22 3:16 a.m.5 views

CVE-2014-3841

Cross-site scripting XSS vulnerability in the Contact Bank plugin before 2.0.20 for WordPress allows remote attackers to inject arbitrary web script or HTML via the Label field, related to form layout configuration. NOTE: some of these details are obtained from third party information...

4.3CVSS6AI score0.01948EPSS
Exploits0References1
nvd
nvd
added 2022/10/25 5:15 p.m.17 views

CVE-2022-3350

The Contact Bank WordPress plugin through 3.0.30 does not sanitise and escape some of its Form settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

4.8CVSS0.00489EPSS
Exploits2References1
osv
osv
added 2022/10/25 5:15 p.m.2 views

CVE-2022-3350

The Contact Bank WordPress plugin through 3.0.30 does not sanitise and escape some of its Form settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

4.8CVSS5.8AI score0.00489EPSS
Exploits2References1
prion
prion
added 2022/10/25 5:15 p.m.15 views

Cross site scripting

The Contact Bank WordPress plugin through 3.0.30 does not sanitise and escape some of its Form settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

4.3CVSS4.7AI score0.00489EPSS
Exploits2References1Affected Software1
cvelist
cvelist
added 2022/10/25 12:0 a.m.24 views

CVE-2022-3350 Contact Bank <= 3.0.30 - Admin+ Stored Cross-Site Scripting

The Contact Bank WordPress plugin through 3.0.30 does not sanitise and escape some of its Form settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5AI score0.00489EPSS
Exploits2References1
ptsecurity
ptsecurity
added 2022/10/25 12:0 a.m.3 views

PT-2022-21784 · WordPress · Contact Bank Wordpress Plugin

Name of the Vulnerable Software and Affected Versions: Contact Bank WordPress plugin versions 3.0.30 and earlier Description: The issue allows high privilege users, such as admins, to perform Stored Cross-Site Scripting attacks. This can occur even when the unfiltered html capability is disallowe...

4.8CVSS4.6AI score0.00489EPSS
Exploits2References4
cve
cve
added 2022/10/25 12:0 a.m.61 views

CVE-2022-3350

The CVE-2022-3350 entry concerns the Contact Bank WordPress plugin (versions ≤ 3.0.30). The vulnerability arises from insufficient sanitisation/escaping of Form settings, enabling Stored Cross-Site Scripting by high-privilege users (e.g., admins) even when unfiltered_html is disallowed (e.g., mul...

4.8CVSS4.7AI score0.00489EPSS
Exploits2References1Affected Software1
cnnvd
cnnvd
added 2022/10/25 12:0 a.m.5 views

WordPress plugin Contact Bank 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

4.8CVSS5AI score0.00489EPSS
Exploits2References2
vulnrichment
vulnrichment
added 2022/10/25 12:0 a.m.5 views

CVE-2022-3350 Contact Bank <= 3.0.30 - Admin+ Stored Cross-Site Scripting

The Contact Bank WordPress plugin through 3.0.30 does not sanitise and escape some of its Form settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

4.7AI score0.00489EPSS
Exploits2References1
patchstack
patchstack
added 2022/09/30 12:0 a.m.23 views

WordPress Contact Bank plugin <= 3.0.30 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Zhang Yunpei in WordPress Contact Bank plugin versions = 3.0.30. Solution Deactivate and delete. This plugin has been closed as of September 28, 2022 and is not available for download. This closure is temporary, pending a...

4.8CVSS2.1AI score0.00489EPSS
Exploits2References1Affected Software1
wpexploit
wpexploit
added 2022/09/29 12:0 a.m.425 views

Contact Bank <= 3.0.30 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitise and escape some of its Form settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup Create/edit a form and put the following...

4.8CVSS0.1AI score0.00489EPSS
Exploits2
wpvulndb
wpvulndb
added 2022/09/29 12:0 a.m.25 views

Contact Bank <= 3.0.30 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitise and escape some of its Form settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup PoC Create/edit a form and put the following...

4.8CVSS0.7AI score0.00489EPSS
Exploits2Affected Software1
patchstack
patchstack
added 2016/08/01 12:0 a.m.22 views

WordPress Contact Bank Plugin <= 2.1.21 - Cross Site Scripting

Because of this vulnerability, the attackers can inject arbitrary JavaScript or HTML code. Solution Update the plugin...

2.7AI score
Exploits0References1Affected Software1
wpvulndb
wpvulndb
added 2016/08/01 12:0 a.m.12 views

Contact Bank <= 2.1.21 - Cross-Site Scripting (XSS)

The Contact Bank – Contact Form Builder for WordPress WordPress plugin was affected by a Cross-Site Scripting XSS security vulnerability...

1.6AI score
Exploits0References2Affected Software1
packetstorm
packetstorm
added 2016/08/01 12:0 a.m.32 views

WordPress Contact Bank 2.1.21 Cross Site Scripting

------------------------------------------------------------------------ Cross-Site Scripting in Contact Bank WordPress Plugin ------------------------------------------------------------------------ Yorick Koster, July 2016 ------------------------------------------------------------------------...

0.1AI score
Exploits0
patchstack
patchstack
added 2015/08/13 12:0 a.m.17 views

WordPress Contact Bank Plugin <= 2.0.225 - Cross Site Scripting

Because of this vulnerability, the attackers can inject arbitrary JavaScript or HTML code. Solution Upgrade the plugin...

2.5AI score
Exploits0References1Affected Software1
wpvulndb
wpvulndb
added 2015/08/13 12:0 a.m.14 views

Contact Bank <= 2.0.225 - Authenticated Cross-Site Scripting (XSS)

The Contact Bank – Contact Form Builder for WordPress WordPress plugin was affected by an Authenticated Cross-Site Scripting XSS security vulnerability...

1.8AI score
Exploits0References2Affected Software1
Rows per page
Query Builder