Lucene search
+L

1071 matches found

OSV
OSV
added 2023/03/29 1:15 p.m.5 views

CVE-2022-38077

Cross-Site Request Forgery CSRF vulnerability in WP OnlineSupport, Essential Plugin Popup Anything – A Marketing Popup and Lead Generation Conversions plugin = 2.2.1 versions...

8.8CVSS5.8AI score0.00256EPSS
Exploits0References1
NVD
NVD
added 2023/03/29 1:15 p.m.22 views

CVE-2022-38077

Cross-Site Request Forgery CSRF vulnerability in WP OnlineSupport, Essential Plugin Popup Anything – A Marketing Popup and Lead Generation Conversions plugin = 2.2.1 versions...

8.8CVSS5.8AI score0.00256EPSS
Exploits0References1
Prion
Prion
added 2023/03/29 1:15 p.m.19 views

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in WP OnlineSupport, Essential Plugin Popup Anything – A Marketing Popup and Lead Generation Conversions plugin = 2.2.1 versions...

6.8CVSS8.7AI score0.00256EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/03/29 12:19 p.m.51 views

CVE-2022-38077

CVE-2022-38077 is a CSRF vulnerability affecting the WP OnlineSupport / Popup Anything plugin for WordPress, in versions ≤ 2.2.1. The issue permits unauthorized cross-site requests that can be executed by an attacker due to unauthenticated access requirements. A fix has been released: upgrade to ...

8.8CVSS6.5AI score0.00256EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/03/29 12:19 p.m.35 views

CVE-2022-38077 WordPress Popup Anything Plugin <= 2.2.1 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in WP OnlineSupport, Essential Plugin Popup Anything – A Marketing Popup and Lead Generation Conversions plugin = 2.2.1 versions...

4.3CVSS9AI score0.00256EPSS
Exploits0References1
Fedora
Fedora
added 2023/03/14 12:24 a.m.55 views

[SECURITY] Fedora 38 Update: audacious-plugins-4.3-2.fc38

This package provides essential plugins for the Audacious audio player...

8.8CVSS7.4AI score0.01118EPSS
Exploits0
Wiz blog
Wiz blog
added 2023/01/11 6:55 p.m.11 views

Wiz launches Australia cloud data center further demonstrating commitment to ANZ and multinational organizations

Wiz announces availability of new regional data center and adds support for Essential Eight controls...

7AI score
Exploits0
Openbugbounty
Openbugbounty
added 2022/12/14 8:17 p.m.7 views

project10.info Cross Site Scripting vulnerability OBB-3101238

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
NVD
NVD
added 2022/12/12 6:15 p.m.28 views

CVE-2022-3933

The Essential Real Estate WordPress plugin before 3.9.6 does not sanitize and escapes some parameters, which could allow users with a role as low as Admin to perform Cross-Site Scripting attacks...

5.4CVSS0.00869EPSS
Exploits2References1
OSV
OSV
added 2022/12/12 6:15 p.m.6 views

CVE-2022-3933

The Essential Real Estate WordPress plugin before 3.9.6 does not sanitize and escapes some parameters, which could allow users with a role as low as Admin to perform Cross-Site Scripting attacks...

5.4CVSS5.8AI score0.00869EPSS
Exploits2References1
Prion
Prion
added 2022/12/12 6:15 p.m.19 views

Cross site scripting

The Essential Real Estate WordPress plugin before 3.9.6 does not sanitize and escapes some parameters, which could allow users with a role as low as Admin to perform Cross-Site Scripting attacks...

4.9CVSS5.3AI score0.00869EPSS
Exploits2References1Affected Software1
CVE
CVE
added 2022/12/12 5:54 p.m.87 views

CVE-2022-3933

The CVE-2022-3933 issue affects the WordPress Essential Real Estate plugin ≤ 3.9.6. The vulnerability is an authenticated cross-site scripting flaw caused by insufficient sanitization/escaping of parameters, enabling an attacker with a role as low as Admin to inject scripts into a victim’s browse...

5.4CVSS5.3AI score0.00869EPSS
Exploits2References1Affected Software1
Cvelist
Cvelist
added 2022/12/12 5:54 p.m.32 views

CVE-2022-3933 Essential Real Estate < 3.9.6 - Reflected Cross-Site-Scripting

The Essential Real Estate WordPress plugin before 3.9.6 does not sanitize and escapes some parameters, which could allow users with a role as low as Admin to perform Cross-Site Scripting attacks...

5.5AI score0.00869EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2022/12/12 5:54 p.m.8 views

CVE-2022-3933 Essential Real Estate < 3.9.6 - Reflected Cross-Site-Scripting

The Essential Real Estate WordPress plugin before 3.9.6 does not sanitize and escapes some parameters, which could allow users with a role as low as Admin to perform Cross-Site Scripting attacks...

5.6AI score0.00869EPSS
Exploits2References1
CNNVD
CNNVD
added 2022/12/12 12:0 a.m.4 views

WordPress plugin Essential Real Estate 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...

5.4CVSS5.4AI score0.00869EPSS
Exploits2References2
Positive Technologies
Positive Technologies
added 2022/12/12 12:0 a.m.5 views

PT-2022-7190 · WordPress · Essential Real Estate

Name of the Vulnerable Software and Affected Versions: Essential Real Estate WordPress plugin versions prior to 3.9.6 Description: The issue is related to the lack of sanitization and escaping of some parameters, which could allow users with a role as low as Admin to perform Cross-Site Scripting...

5.5CVSS5.2AI score0.00869EPSS
Exploits2References5
WPVulnDB
WPVulnDB
added 2022/11/17 12:0 a.m.20 views

Essential Real Estate < 3.9.6 - Reflected Cross-Site-Scripting

The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as Admin to perform Cross-Site Scripting attacks. PoC https://example.com/wp-admin/admin-ajax.php?action=erepropertygalleryfillterajaxgap=%22%3E%3Cscript%3Ealert%22xss%22;%3C/script%3E%3C!--...

5.4CVSS1.7AI score0.00869EPSS
Exploits2Affected Software1
Trend Micro Simply Security
Trend Micro Simply Security
added 2022/10/13 12:0 a.m.14 views

Prevent Ransomware Attacks on Critical Infrastructure

Cyberattacks against critical infrastructure can cause massive societal disruption and take an enormous financial toll. Discover how to protect six key OT domains to help prevent ransomware and other threats to essential operations...

1.9AI score
Exploits0
Openbugbounty
Openbugbounty
added 2022/09/30 12:17 a.m.14 views

ventilateur-plafond.net Cross Site Scripting vulnerability OBB-2966102

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
Openbugbounty
Openbugbounty
added 2022/08/21 12:31 p.m.17 views

jeremyreiss.fr Cross Site Scripting vulnerability OBB-2856889

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
Rows per page
Query Builder