Lucene search
K

142 matches found

CVE
CVE
added 2023/10/24 11:58 a.m.36 views

CVE-2023-45764

CVE-2023-45764 is a stored XSS vulnerability in the Gopi Ramasamy Scroll post excerpt plugin for WordPress, affecting versions 8.0. No exploitation details are provided in the documents. Monitor for a vendor patch and apply the upgrade when available.

5.9CVSS5.1AI score0.00418EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/10/24 11:58 a.m.19 views

CVE-2023-45764 WordPress Scroll post excerpt Plugin <= 8.0 is vulnerable to Cross Site Scripting (XSS)

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Gopi Ramasamy Scroll post excerpt plugin = 8.0 versions...

5.9CVSS5.6AI score0.00418EPSS
Exploits0References1
Patchstack
Patchstack
added 2023/10/12 12:0 a.m.14 views

WordPress Scroll post excerpt Plugin <= 8.0 is vulnerable to Cross Site Scripting (XSS)

Software Scroll post excerpt Type Plugin Vulnerable versions = 8.0 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-45764 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID c3a82d7d0784 Credits Rio Darmawan Required...

5.9CVSS5.7AI score0.00418EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2023/05/23 3:15 p.m.3 views

CVE-2023-26011

Cross-Site Request Forgery CSRF vulnerability in Tim Eckel Read More Excerpt Link plugin = 1.6 versions...

8.8CVSS7.3AI score0.00256EPSS
Exploits0References1
NVD
NVD
added 2023/05/23 3:15 p.m.32 views

CVE-2023-26011

Cross-Site Request Forgery CSRF vulnerability in Tim Eckel Read More Excerpt Link plugin = 1.6 versions...

8.8CVSS5.8AI score0.00256EPSS
Exploits0References1
Prion
Prion
added 2023/05/23 3:15 p.m.21 views

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in Tim Eckel Read More Excerpt Link plugin = 1.6 versions...

6.8CVSS8.7AI score0.00256EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/05/23 2:44 p.m.38 views

CVE-2023-26011 WordPress Read More Excerpt Link Plugin <= 1.6 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in Tim Eckel Read More Excerpt Link plugin = 1.6 versions...

4.3CVSS9AI score0.00256EPSS
Exploits0References1
CVE
CVE
added 2023/05/23 2:44 p.m.47 views

CVE-2023-26011

CVE-2023-26011 is a CSRF vulnerability in the WordPress plugin Read More Excerpt Link (tim Eckel) for versions

8.8CVSS6.5AI score0.00256EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2023/05/23 12:0 a.m.3 views

WordPress plugin Read More Excerpt Link 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

8.8CVSS8.1AI score0.00256EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2023/02/27 2:15 p.m.5 views

CVE-2023-1068

The Download Read More Excerpt Link plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.6.0. This is due to missing or incorrect nonce validation on the readmoreexcerptlinkmenuoptions function. This makes it possible for unauthenticated attackers t...

4.3CVSS6.5AI score0.00296EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2023/02/27 2:15 p.m.4 views

CVE-2023-1068

The Download Read More Excerpt Link plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.6.0. This is due to missing or incorrect nonce validation on the readmoreexcerptlinkmenuoptions function. This makes it possible for unauthenticated attackers t...

4.3CVSS6.3AI score0.00296EPSS
Exploits0References2
CVE
CVE
added 2023/02/27 1:29 p.m.53 views

CVE-2023-1068

CVE-2023-1068 affects the WordPress plugin Download Read More Excerpt Link (versions

4.3CVSS4.6AI score0.00296EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2023/02/27 12:0 a.m.5 views

WordPress Plugin Download Read More Excerpt Link 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

4.3CVSS6.2AI score0.00296EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/02/27 12:0 a.m.5 views

PT-2023-16734 · WordPress · Download Read More Excerpt Link

Name of the Vulnerable Software and Affected Versions: Download Read More Excerpt Link plugin for WordPress versions up to, and including, 1.6.0 Description: The issue is related to Cross-Site Request Forgery due to missing or incorrect nonce validation on the read more excerpt link menu options...

4.3CVSS5.3AI score0.00296EPSS
Exploits0References5
Patchstack
Patchstack
added 2023/02/21 12:0 a.m.13 views

WordPress Read More Excerpt Link Plugin <= 1.6 is vulnerable to Cross Site Request Forgery (CSRF)

Software Read More Excerpt Link Type Plugin Vulnerable versions = 1.6 Fixed in 1.6.1 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-26011 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 838704e6067f Credits Mika Required...

8.8CVSS7AI score0.00256EPSS
Exploits0References2Affected Software1
SUSE CVE
SUSE CVE
added 2023/02/15 4:49 a.m.5 views

SUSE CVE-2017-5612

Cross-site scripting XSS vulnerability in wp-admin/includes/class-wp-posts-list-table.php in the posts list table in WordPress before 4.7.2 allows remote attackers to inject arbitrary web script or HTML via a crafted excerpt...

6.1CVSS5.9AI score0.02874EPSS
Exploits0References3
Schneier on Security
Schneier on Security
added 2023/02/03 8:3 p.m.19 views

A Hacker’s Mind News

A Hackers Mind will be published on Tuesday. I have done a written interview and a podcast interview about the book. Its been chosen as a "February 2023 Must-Read Book" by the Next Big Idea Club. And an "Editors Pick"--whatever that means--on Amazon. There have been three reviews so far. I am...

1AI score
Exploits0
ATTACKERKB
ATTACKERKB
added 2022/09/02 5:15 a.m.3 views

CVE-2022-37679

Miniblog.Core v1.0 was discovered to contain a cross-site scripting XSS vulnerability in the component /blog/edit. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Excerpt field...

4.8CVSS5.8AI score0.00411EPSS
Exploits1References2
OSV
OSV
added 2022/09/02 5:15 a.m.5 views

CVE-2022-37679

Miniblog.Core v1.0 was discovered to contain a cross-site scripting XSS vulnerability in the component /blog/edit. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Excerpt field...

4.8CVSS5.9AI score0.00411EPSS
Exploits1References1
Prion
Prion
added 2022/09/02 5:15 a.m.12 views

Cross site scripting

Miniblog.Core v1.0 was discovered to contain a cross-site scripting XSS vulnerability in the component /blog/edit. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Excerpt field...

4.3CVSS5AI score0.00411EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder