Lucene search
K

6 matches found

Cvelist
Cvelist
added 2014/03/03 4:0 p.m.46 views

CVE-2013-1409

Cross-site scripting XSS vulnerability in the CommentLuv plugin before 2.92.4 for WordPress allows remote attackers to inject arbitrary web script or HTML via the ajaxnonce parameter to wp-admin/admin-ajax.php...

5.7AI score0.04546EPSS
Exploits3References5
CVE
CVE
added 2014/03/03 4:0 p.m.52 views

CVE-2013-1409

CVE-2013-1409 affects the WordPress CommentLuv plugin prior to 2.92.4. The vulnerability is a cross-site scripting (XSS) flaw in the _ajax_nonce parameter passed to wp-admin/admin-ajax.php, allowing an attacker to inject arbitrary script/HTML. CVSSv2 base score listed as 4.3 (Medium) with I-P imp...

4.3CVSS5.8AI score0.04546EPSS
Exploits3References5Affected Software1
securityvulns
securityvulns
added 2013/02/11 12:0 a.m.89 views

Cross-Site Scripting (XSS) Vulnerability in CommentLuv WordPress Plugin

Advisory ID: HTB23138 Product: CommentLuv WordPress plugin Vendor: Andy Bailey Vulnerable Versions: 2.92.3 and probably prior Tested Version: 2.92.3 Vendor Notification: January 16, 2013 Vendor Patch: January 17, 2013 Public Disclosure: February 6, 2013 Vulnerability Type: Cross-Site Scripting...

4.3CVSS6.2AI score0.04546EPSS
Exploits3
0day.today
0day.today
added 2013/02/07 12:0 a.m.73 views

WordPress CommentLuv 2.92.3 Cross Site Scripting Vulnerability

WordPress CommentLuv version 2.92.3 suffers from a cross site scripting vulnerability. Product: CommentLuv WordPress plugin Vendor: Andy Bailey Vulnerable Versions: 2.92.3 and probably prior Tested Version: 2.92.3 Vendor Notification: January 16, 2013 Vendor Patch: January 17, 2013 Public...

6.7AI score0.04546EPSS
Exploits3
Packet Storm
Packet Storm
added 2013/02/06 12:0 a.m.67 views

WordPress CommentLuv 2.92.3 Cross Site Scripting

Advisory ID: HTB23138 Product: CommentLuv WordPress plugin Vendor: Andy Bailey Vulnerable Versions: 2.92.3 and probably prior Tested Version: 2.92.3 Vendor Notification: January 16, 2013 Vendor Patch: January 17, 2013 Public Disclosure: February 6, 2013 Vulnerability Type: Cross-Site Scripting...

4.3CVSS0.04546EPSS
Exploits3
Circl
Circl
added 2013/02/06 12:0 a.m.30 views

CVE-2013-1409

creationtimestamp| type| source ---|---|--- 2013-02-06 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/38296...

4.3CVSS6.8AI score0.04546EPSS
Exploits3References1
Rows per page
Query Builder