Lucene search
K

73 matches found

GithubExploit
GithubExploit
added 2023/11/14 8:40 a.m.33 views

Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Liquidweb Restrict_Content

CVE-2023-47668 Restrict Content = 3.2.7 - Information Expo...

7.5CVSS8AI score0.01009EPSS
Exploits2
NVD
NVD
added 2023/04/16 9:15 a.m.38 views

CVE-2022-43458

Auth. contributor+ Cross-Site Scripting XSS vulnerability in Code Tides Advanced Floating Content plugin = 1.2.1 versions...

5.4CVSS4.6AI score0.00386EPSS
Exploits0References1
CVE
CVE
added 2023/04/16 8:29 a.m.177 views

CVE-2022-43458

CVE-2022-43458 affects Code Tides Advanced Floating Content plugin (versions ≤ 1.2.1). The issue is a Cross-Site Scripting (XSS) vulnerability exploitable by users with contributor or higher permissions. Root cause details are not specified beyond the XSS exposure. Mitigation: update to a version...

5.4CVSS4.8AI score0.00386EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2023/02/21 9:15 a.m.5 views

CVE-2023-0067

The Timed Content WordPress plugin before 2.73 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

5.4CVSS6.1AI score0.00471EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2023/02/21 8:50 a.m.5 views

CVE-2023-0067 Timed Content < 2.73 - Contributor+ Stored XSS

The Timed Content WordPress plugin before 2.73 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

5.3AI score0.00471EPSS
Exploits2References1
Positive Technologies
Positive Technologies
added 2023/02/21 12:0 a.m.3 views

PT-2023-15984 · WordPress · Timed Content

Name of the Vulnerable Software and Affected Versions: Timed Content WordPress plugin versions prior to 2.73 Description: The issue concerns the Timed Content WordPress plugin, which does not properly validate and escape some of its shortcode attributes before outputting them in a page or post...

5.4CVSS5.2AI score0.00471EPSS
Exploits2References4
Vulnrichment
Vulnrichment
added 2023/01/23 2:31 p.m.7 views

CVE-2022-4715 Structured Content < 1.5.1 - Contributor+ Stored XSS in Shortcode

The Structured Content WordPress plugin before 1.5.1 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high...

5.5AI score0.00471EPSS
Exploits2References1
CNVD
CNVD
added 2019/08/28 12:0 a.m.2 views

WordPress post-pay-counter plugin injection vulnerability

WordPress is the WordPress Foundation's set of blogging platform using PHP language development. The platform supports PHP and MySQL servers to set up a personal blog site. post-pay-counter is used in one of the online paid content billing, management plug-ins. An injection vulnerability exists i...

9.8CVSS7.1AI score0.02072EPSS
Exploits0References1
CNVD
CNVD
added 2016/10/13 12:0 a.m.3 views

Wordpress simplified-content plugin cross-site scripting vulnerability

WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports personal blog sites on PHP and MySQL servers. simplified-content is one of the plug-ins used to simplify the content. A cross-site scripting vulnerability exists in...

6.1CVSS6AI score0.02177EPSS
Exploits1References1
exploitpack
exploitpack
added 2012/10/22 12:0 a.m.13 views

Joomla! Component com_commedia - task SQL Injection

Joomla! Component comcommedia - task SQL Injection Exploit Title: Joomla commedia Remote Exploit dork: inurl:index.php?option=comcommedia Date: 18-10-2012 Author: Daniel Barragan "D4NB4R" Twitter: @D4NB4R Vendor: http://www.ecolora.org/ Version: 3.1 last update on Oct 7, 2012 and lowers License:...

0.2AI score
Exploits0
0day.today
0day.today
added 2012/10/21 12:0 a.m.52 views

Joomla Commedia Plugin (index.php, task parameter) SQL Injection

Exploit for php platform in category web applications Exploit Title: Joomla commedia Remote Exploit dork: inurl:index.php?option=comcommedia Date: 18-10-2012 Author: Daniel Barragan "D4NB4R" Twitter: @D4NB4R Vendor: http://www.ecolora.org/ Version: 3.1 last update on Oct 7, 2012 and lowers Licens...

7.1AI score
Exploits0
0day.today
0day.today
added 2012/10/17 12:0 a.m.20 views

Joomla Component com_commedia SQL Injection Exploit

Commedia - a component and content plugin that allows you to create a content table containing all of the MP3's that are present in any directory of your site, a FTP-server folder, single path to ftp-file or a HTTPS-server DROPBOX, folder, single path to http-file or http-radio Exploit Title:...

6.8AI score
Exploits0
Patchstack
Patchstack
added 2011/01/25 12:0 a.m.7 views

WordPress Featured Content Plugin 0.0.1 - Cross-Site Scripting Vulnerability

Featured Content plugin's "listid" parameter is prone to a cross-site scripting vulnerability. It fails to properly clean up user-supplied input. An attacker may execute arbitrary script code in the browser of an user in the context of the affected site. In this way the attacker can steal...

2.8AI score
Exploits0Affected Software1
Rows per page
Query Builder