Lucene search
+L

9 matches found

RedhatCVE
RedhatCVE
added 2025/08/20 5:33 p.m.17 views

CVE-2025-55288

Genealogy is a family tree PHP application. Prior to 4.4.0, Authenticated Reflected Cross-Site Scripting XSS vulnerability was identified in the Genealogy application. Authenticated attackers could run arbitrary JavaScript in another user’s session, leading to session hijacking, data theft, and U...

5.5CVSS5.5AI score0.00272EPSS
Exploits0References1
CVE
CVE
added 2025/08/18 4:57 p.m.25 views

CVE-2025-55288

CVE-2025-55288 affects Genealogy (a PHP-based family tree application). The vulnerability is an authenticated reflected XSS in versions prior to 4.4.0, enabling an attacker with valid credentials to execute arbitrary JavaScript in another user’s session, potentially causing session hijacking, dat...

5.5CVSS5.9AI score0.00272EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/07/18 12:0 a.m.7 views

WordPress Genealogical Tree – WordPress Family Tree Plugin <= 2.2.0.8 is vulnerable to Cross Site Scripting (XSS)

Software Genealogical Tree – WordPress Family Tree Type Plugin Vulnerable versions = 2.2.0.8 Fixed in 2.2.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 3035976be303 Credits Rafi...

6.8AI score0.00284EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2022/02/28 12:0 a.m.22 views

WordPress Genealogical Tree – WordPress Family Tree plugin <= 2.1.4 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress Genealogical Tree – WordPress Family Tree plugin versions = 2.1.4. Solution Update the WordPress Genealogical Tree – WordPress Family Tree plugin to the latest available version at least 2.1.5...

2.1AI score
Exploits0References2Affected Software1
Huntr
Huntr
added 2021/09/12 5:30 p.m.16 views

Cross-site Scripting (XSS) - Stored in fisharebest/webtrees

✍️ Description A malicious actor is able to add a malicious payload as a Family Tree Title, and after click the Family Tree nav button from the My Pages Menu, the XSS payload is executed. 🕵️‍♂️ Proof of Concept 1;Create a new family tree, either when logging in after install for the first time, or...

2.1AI score
Exploits0
ThreatPost
ThreatPost
added 2020/07/22 1:7 p.m.55 views

Leak Exposes Private Data of Genealogy Service Users

A server containing information of users of a genealogy service has exposed the data of 60,000 users, putting them at risk for fraud, phishing and other cybercriminal activity. Research led by Avishai Efrat at WizCase has discovered the leak, which affected an open and unencrypted ElasticSearch...

6.7AI score
Exploits0References5
Openbugbounty
Openbugbounty
added 2018/02/15 7:15 a.m.11 views

kingstree.familytreeguide.com XSS vulnerability

Open Bug Bounty ID: OBB-560183 Description| Value ---|--- Affected Website:| kingstree.familytreeguide.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

6.3AI score
Exploits0
Openbugbounty
Openbugbounty
added 2018/01/22 10:38 a.m.13 views

horton-family-tree.com XSS vulnerability

Open Bug Bounty ID: OBB-537432 Description| Value ---|--- Affected Website:| horton-family-tree.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

6.3AI score
Exploits0
hackapp
hackapp
added 2016/04/01 8:48 a.m.21 views

MyHeritage - Family Tree - Customized SSL, Dangerous filesystem permissions, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application MyHeritage - Family Tree published at the 'play' market has multiple vulnerabilities...

0.6AI score
Exploits0References1Affected Software1
Rows per page
Query Builder