
13 matches found

EUVD
added 2025/10/03 8:07 p.m. · 4 views

EUVD-2024-16688

Malicious code in bioql PyPI...

CVSS 5.3 · AI score 6.5 · EPSS 0.00468
Exploits 0 · References 2
CVE
added 2024/03/12 8:34 a.m. · 94 views

CVE-2024-0906

CVE-2024-0906 concerns the WordPress plugin “f(x) Private Site.” The vulnerability allows unauthenticated attackers to access page and post contents protected by the plugin via the plugin’s API. Affected are all versions up to and including 1.2.1. The included Red Hat advisory corroborates the sa...

CVSS 5.3 · AI score 6 · EPSS 0.00468
Exploits 0 · References 2 · Affected Software 1
Patchstack
added 2024/03/12 12:00 a.m. · 10 views

WordPress f(x) Private Site Plugin <= 1.2.1 is vulnerable to Sensitive Data Exposure

Software: fx Private Site; Type: Plugin; Vulnerable versions: <= 1.2.1; Fixed in: N/A; OWASP Top 10: A3: Sensitive Data Exposure; Classification: Sensitive Data Exposure; CVE: CVE-2024-0906; Patch priority: Low; CVSS severity: Low 5.3; Developer: Claim ownership; PSID: 800faead5d18; Credits: Francesco Carlucci; Required...

CVSS 5.3 · AI score 6.5 · EPSS 0.00468
Exploits 0 · References 2 · Affected Software 1
OSV
added 2023/05/15 1:15 p.m. · 5 views

CVE-2023-0490

The fx TOC WordPress plugin through 1.1.0 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embedded, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

CVSS 5.4 · AI score 6.7 · EPSS 0.00462
Exploits 1 · References 1
Prion
added 2023/05/15 1:15 p.m. · 18 views

Cross site scripting

The fx TOC WordPress plugin through 1.1.0 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embedded, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

CVSS 4.9 · AI score 5.4 · EPSS 0.00462
Exploits 1 · References 1 · Affected Software 1
CVE
added 2023/05/15 12:15 p.m. · 52 views

CVE-2023-0490

CVE-2023-0490 concerns the f(x) TOC WordPress plugin (

CVSS 5.4 · AI score 5.5 · EPSS 0.00462
Exploits 1 · References 1 · Affected Software 1
Vulnrichment
added 2023/05/15 12:15 p.m. · 9 views

CVE-2023-0490 f(x) TOC <= 1.1.0 - Contributor+ Stored XSS

The fx TOC WordPress plugin through 1.1.0 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embedded, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

AI score 5.4 · EPSS 0.00462
Exploits 1 · References 1
CNNVD
added 2023/05/15 12:00 a.m. · 3 views

WordPress plugin f(x) TOC cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...

CVSS 5.4 · AI score 6.5 · EPSS 0.00462
Exploits 1 · References 2
Positive Technologies
added 2023/05/15 12:00 a.m. · 5 views

PT-2023-16302 · WordPress · F(X) Toc Wordpress Plugin

Name of the Vulnerable Software and Affected Versions: fx TOC WordPress plugin versions 1.1.0 and earlier. Description: The issue concerns the fx TOC WordPress plugin, which does not properly validate and escape some of its shortcode attributes before outputting them in a page or post. This could...

CVSS 5.4 · AI score 8.3 · EPSS 0.00462
Exploits 1 · References 4
Patchstack
added 2023/04/26 12:00 a.m. · 12 views

WordPress f(x) TOC Plugin <= 1.1.0 is vulnerable to Cross Site Scripting (XSS)

Software: fx TOC; Type: Plugin; Vulnerable versions: <= 1.1.0; Fixed in: N/A; OWASP Top 10: A7: Cross-Site Scripting (XSS); Classification: Cross Site Scripting (XSS); CVE: CVE-2023-0490; Patch priority: Medium; CVSS severity: Medium 6.5; Developer: Claim ownership; PSID: 8736d6d89b3b; Credits: István Márton; Required...

CVSS 5.4 · AI score 5.9 · EPSS 0.00462
Exploits 1 · References 3 · Affected Software 1
OpenVAS
added 2012/03/12 12:00 a.m. · 25 views

Debian Security Advisory DSA 2414-1 (fex)

The remote host is missing an update to fex announced via advisory DSA 2414-1. OpenVAS Vulnerability Test $Id: deb24141.nasl 6612 2017-07-07 12:08:03Z cfischer $; Description: Auto-generated from advisory DSA 2414-1 (fex); Authors: Thomas Reinke; Copyright: Copyright (c) 2012 E-Soft Inc...

CVSS 4.3 · EPSS 0.04852
Exploits 0
OpenVAS
added 2012/03/12 12:00 a.m. · 31 views

Debian Security Advisory DSA 2414-1 (fex)

The remote host is missing an update to fex announced via advisory DSA 2414-1. This VT has been deprecated and merged into the VT SPDX-FileCopyrightText: 2012 E-Soft Inc. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s)...

CVSS 4.3 · AI score 6.4 · EPSS 0.04852
Exploits 0 · References 1
OSV
added 2012/02/25 12:00 a.m. · 7 views

DSA-2414-2 fex - regression

Bulletin has no description...

AI score 7.2
Exploits 0