Lucene search
K

10 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2022-42735

Malicious code in bioql PyPI...

4.8CVSS5.2AI score0.00489EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:10 p.m.8 views

CVE-2022-3350

The Contact Bank WordPress plugin through 3.0.30 does not sanitise and escape some of its Form settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

4.8CVSS5.6AI score0.00489EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:16 a.m.3 views

CVE-2014-3841

Cross-site scripting XSS vulnerability in the Contact Bank plugin before 2.0.20 for WordPress allows remote attackers to inject arbitrary web script or HTML via the Label field, related to form layout configuration. NOTE: some of these details are obtained from third party information...

4.3CVSS6AI score0.01948EPSS
Exploits0References1
OSV
OSV
added 2022/10/25 5:15 p.m.2 views

CVE-2022-3350

The Contact Bank WordPress plugin through 3.0.30 does not sanitise and escape some of its Form settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

4.8CVSS5.8AI score0.00489EPSS
Exploits2References1
CNNVD
CNNVD
added 2022/10/25 12:0 a.m.5 views

WordPress plugin Contact Bank 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

4.8CVSS5AI score0.00489EPSS
Exploits2References2
Patchstack
Patchstack
added 2015/08/13 12:0 a.m.17 views

WordPress Contact Bank Plugin <= 2.0.225 - Cross Site Scripting

Because of this vulnerability, the attackers can inject arbitrary JavaScript or HTML code. Solution Upgrade the plugin...

2.5AI score
Exploits0References1Affected Software1
Prion
Prion
added 2014/05/22 3:13 p.m.12 views

Cross site scripting

Cross-site scripting XSS vulnerability in the Contact Bank plugin before 2.0.20 for WordPress allows remote attackers to inject arbitrary web script or HTML via the Label field, related to form layout configuration. NOTE: some of these details are obtained from third party information...

4.3CVSS6.3AI score0.01948EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2014/05/22 3:0 p.m.39 views

CVE-2014-3841

The CVE-2014-3841 issue affects the WordPress Contact Bank Plugin (pre-2.0.20). The vulnerability is a stored/reflected XSS via the Label field tied to the plugin’s form layout configuration, allowing remote attackers to inject arbitrary script/HTML. Root cause: improper handling of input in the ...

4.3CVSS6AI score0.01948EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2014/05/22 3:0 p.m.23 views

CVE-2014-3841

Cross-site scripting XSS vulnerability in the Contact Bank plugin before 2.0.20 for WordPress allows remote attackers to inject arbitrary web script or HTML via the Label field, related to form layout configuration. NOTE: some of these details are obtained from third party information...

5.8AI score0.01948EPSS
Exploits0References3
Patchstack
Patchstack
added 2014/05/22 12:0 a.m.19 views

WordPress Contact Bank Plugin <= 2.0.19 - XSS

Because of this vulnerability, the attackers can inject arbitrary web script or HTML via the Label field, related to form layout configuration. Solution Update the plugin...

4.3CVSS2.3AI score0.01948EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder