Lucene search
K

7 matches found

OSV
OSV
added 2021/09/10 2:15 p.m.4 views

CVE-2021-38329

The DJ EmailPublish WordPress plugin is vulnerable to Reflected Cross-Site Scripting due to a reflected $SERVER"PHPSELF" value in the /dj-email-publish.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.7.2...

6.1CVSS5.8AI score0.00895EPSS
Exploits1References2
NVD
NVD
added 2021/09/10 2:15 p.m.24 views

CVE-2021-38329

The DJ EmailPublish WordPress plugin is vulnerable to Reflected Cross-Site Scripting due to a reflected $SERVER"PHPSELF" value in the /dj-email-publish.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.7.2...

6.1CVSS0.00895EPSS
Exploits1References2
Prion
Prion
added 2021/09/10 2:15 p.m.15 views

Cross site scripting

The DJ EmailPublish WordPress plugin is vulnerable to Reflected Cross-Site Scripting due to a reflected $SERVER"PHPSELF" value in the /dj-email-publish.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.7.2...

4.3CVSS6AI score0.00895EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2021/09/10 1:33 p.m.5 views

CVE-2021-38329 DJ EmailPublish <= 1.7.2 Reflected Cross-Site Scripting

The DJ EmailPublish WordPress plugin is vulnerable to Reflected Cross-Site Scripting due to a reflected $SERVER"PHPSELF" value in the /dj-email-publish.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.7.2...

6.1CVSS6AI score0.00895EPSS
Exploits1References2
Cvelist
Cvelist
added 2021/09/10 1:33 p.m.24 views

CVE-2021-38329 DJ EmailPublish <= 1.7.2 Reflected Cross-Site Scripting

The DJ EmailPublish WordPress plugin is vulnerable to Reflected Cross-Site Scripting due to a reflected $SERVER"PHPSELF" value in the /dj-email-publish.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.7.2...

6.1CVSS6.2AI score0.00895EPSS
Exploits1References2
CVE
CVE
added 2021/09/10 1:33 p.m.49 views

CVE-2021-38329

The CVE-2021-38329 entry concerns the WordPress plugin DJ EmailPublish. Affected product: DJ EmailPublish WordPress plugin (versions up to and including 1.7.2). Root cause: reflected XSS caused by a reflected $_SERVER["PHP_SELF"] in~/dj-email-publish.php. Impact: attackers can inject arbitrary we...

6.1CVSS6AI score0.00895EPSS
Exploits1References2Affected Software1
CNNVD
CNNVD
added 2021/09/10 12:0 a.m.6 views

WordPress 插件 跨站脚本漏洞

WordPress Plugin is an open source application plugin for WordPress. The WordPress plugin DJ EmailPublish suffers from a cross-site scripting vulnerability that stems from the fact that version 1.7.2 of the DJ EmailPublish WordPress plugin is susceptible to reflected cross-site scripting attacks...

6.1CVSS6.1AI score0.00895EPSS
Exploits1References4
Rows per page
Query Builder