Lucene search
K

8 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-27386

Malicious code in bioql PyPI...

6.4CVSS8.8AI score0.00429EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/05/24 6:42 a.m.24 views

CVE-2024-4484 The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce <= 5.5.2 - Authenticated (Contributor+) Stored Cross-Site Scripting

The The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘xaiusername’ parameter in versions up to, and including, 5.5.2 due to insufficient input sanitization and output escapin...

6.4CVSS5.9AI score0.00707EPSS
Exploits0References3
NVD
NVD
added 2024/02/29 1:43 a.m.11 views

CVE-2024-0792

The WP Shortcodes Plugin — Shortcodes Ultimate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in all versions up to, and including, 7.0.1 due to insufficient input sanitization and output escaping on RSS feed content. This makes it possible for...

6.4CVSS5.7AI score0.00443EPSS
Exploits0References4
NVD
NVD
added 2024/01/11 9:15 a.m.38 views

CVE-2023-6924

The Photo Gallery by 10Web plugin for WordPress is vulnerable to Stored Cross-Site Scripting via widgets in versions up to, and including, 1.8.18 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with...

4.8CVSS4.3AI score0.00461EPSS
Exploits0References5
Prion
Prion
added 2023/11/07 12:15 p.m.13 views

Cross site scripting

The Featured Image Caption plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode and post meta in all versions up to, and including, 0.8.10 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

4.9CVSS5.9AI score0.00604EPSS
Exploits1References4Affected Software1
Prion
Prion
added 2023/10/30 2:15 p.m.24 views

Cross site scripting

The Simple Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via shortcodes in versions up to, and including, 1.0.20 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with...

4.9CVSS5.2AI score0.0064EPSS
Exploits1References4Affected Software1
Vulnrichment
Vulnrichment
added 2023/10/20 6:35 a.m.5 views

CVE-2023-4919 iframe <= 4.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'iframe' Shortcode

The iframe plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the iframe shortcode in versions up to, and including, 4.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level permission and above, ...

6.4CVSS6.8AI score0.00519EPSS
Exploits1References4
Cvelist
Cvelist
added 2023/10/20 6:35 a.m.18 views

CVE-2023-4919 iframe <= 4.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'iframe' Shortcode

The iframe plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the iframe shortcode in versions up to, and including, 4.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level permission and above, ...

6.4CVSS5.9AI score0.00519EPSS
Exploits1References4
Rows per page
Query Builder