Lucene search
K

86 matches found

CVE
CVE
added 2022/04/11 7:36 p.m.91 views

CVE-2021-36848

The CVE applies to WordPress plugin Social Media Feather ≤ v2.0.4, where an authenticated admin+ can trigger a stored XSS due to insufficient sanitization of settings. This could allow execution of JavaScript in a user’s browser. A fix is available in v2.0.5 and later; users should update to at l...

4.8CVSS4.3AI score0.00576EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2022/04/11 7:36 p.m.18 views

CVE-2021-36848 WordPress Social Media Feather plugin <= 2.0.4 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated admin+ Stored Cross-Site Scripting XSS vulnerability in Social Media Feather WordPress plugin versions = 2.0.4...

3.4CVSS5.1AI score0.00576EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/04/11 12:0 a.m.4 views

WordPress plugin Social Media Feather跨站脚本漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language. The platform supports the hosting of personal blog sites on PHP and MySQL servers. WordPress plugin is a WordPress open source application plugin. cross-site scripting vulnerability exists in...

4.8CVSS5.6AI score0.00576EPSS
Exploits0References3
Patchstack
Patchstack
added 2022/02/10 12:0 a.m.19 views

WordPress Social Media Feather plugin <= 2.0.4 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Asif Nawaz Minhas in WordPress Social Media Feather plugin versions = 2.0.4. Solution Update the WordPress Social Media Feather plugin to the latest available version at least 2.0.5...

4.8CVSS2.8AI score0.00576EPSS
Exploits0References2Affected Software1
WPVulnDB
WPVulnDB
added 2022/02/10 12:0 a.m.28 views

Social Media Feather < 2.0.5 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfilteredhtml is disallowed...

4.8CVSS3.8AI score0.00576EPSS
Exploits0Affected Software1
Packet Storm
Packet Storm
added 2012/04/27 12:0 a.m.18 views

Feather CMS SQL Injection

Exploit Title : Feather CMS SQL Injection Vulnerability Author : Secure-Land Security Team Discovered By : farbodmahini Home : Secure-Land.net Version : All Version Vendor : www.kpsy.net Contact : [email protected] , [email protected] Security Risk : High DorK : "Powered by: Feather Inc"...

0.5AI score
Exploits0
Rows per page
Query Builder