Lucene search
K

104 matches found

Vulnrichment
Vulnrichment
added 2023/10/17 10:59 a.m.14 views

CVE-2023-45003 WordPress Social Feed Plugin <= 2.2.0 is vulnerable to Cross Site Scripting (XSS)

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Arrow Plugins Social Feed | Custom Feed for Social Media Networks plugin = 2.2.0 versions...

7.1CVSS5.9AI score0.00331EPSS
Exploits0References1
Patchstack
Patchstack
added 2023/10/16 12:0 a.m.10 views

WordPress The Awesome Feed – Custom Feed Plugin <= 2.2.5 is vulnerable to Cross Site Scripting (XSS)

Software The Awesome Feed – Custom Feed Type Plugin Vulnerable versions = 2.2.5 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-46077 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID bf6946983fa1 Credits Nguy...

7.1CVSS5.6AI score0.00331EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2023/10/02 11:15 a.m.2 views

CVE-2023-44264

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Arrow Plugins The Awesome Feed – Custom Feed plugin = 2.2.5 versions...

5.4CVSS7.3AI score0.00328EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/10/02 10:6 a.m.10 views

CVE-2023-44264 WordPress The Awesome Feed – Custom Feed Plugin <= 2.2.5 is vulnerable to Cross Site Scripting (XSS)

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Arrow Plugins The Awesome Feed – Custom Feed plugin = 2.2.5 versions...

6.5CVSS5.6AI score0.00328EPSS
Exploits0References1
CVE
CVE
added 2023/10/02 10:6 a.m.59 views

CVE-2023-44264

CVE-2023-44264 is a stored XSS vulnerability in the WordPress plugin “The Awesome Feed – Custom Feed” (aka wp-facebook-feed) affecting versions

6.5CVSS5.5AI score0.00328EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2023/09/01 11:15 a.m.6 views

CVE-2023-25042

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Liam Gladdy Storm Consultancy oAuth Twitter Feed for Developers plugin = 2.3.0 versions...

4.8CVSS6.6AI score0.00339EPSS
Exploits0References1
CVE
CVE
added 2023/09/01 10:44 a.m.40 views

CVE-2023-24412

CVE-2023-24412 describes a stored XSS vulnerability in the Web-Settler Image Social Feed WordPress plugin up to version 1.7.6, requiring admin+ authentication to exploit. The issue is associated with the Image Social Feed/“add-instagram” plugin and is documented across multiple sources (NVD/Red H...

5.9CVSS5AI score0.00316EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2023/07/10 4:15 p.m.23 views

CVE-2023-23804

Cross-Site Request Forgery CSRF vulnerability in HasThemes HT Feed plugin = 1.2.7 versions...

8.8CVSS5.8AI score0.00309EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/07/10 11:54 a.m.19 views

CVE-2023-23804 WordPress HT Feed Plugin <= 1.2.7 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in HasThemes HT Feed plugin = 1.2.7 versions...

4.3CVSS7.1AI score0.00309EPSS
Exploits0References1
OSV
OSV
added 2023/05/03 8:15 a.m.4 views

CVE-2023-22691

Cross-Site Request Forgery CSRF vulnerability in Tips and Tricks HQ, Ruhul Amin Category Specific RSS feed Subscription plugin = v2.1 versions...

8.8CVSS7.3AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/06/13 12:0 a.m.5 views

PT-2022-13037 · WordPress · Mitsol Social Post Feed

Name of the Vulnerable Software and Affected Versions: Mitsol Social Post Feed WordPress plugin versions prior to 1.11 Description: The issue allows high privilege users, such as admins, to perform cross-Site Scripting attacks. This is possible because some settings are not properly escaped befor...

4.8CVSS6.4AI score0.00578EPSS
Exploits0References7
Patchstack
Patchstack
added 2019/08/29 12:0 a.m.23 views

WordPress Social LikeBox & Feed plugin <= 2.8.4 - Cross-Site Scripting (XSS) vulnerability

Cross-Site Scripting XSS vulnerability found in WordPress Social LikeBox & Feed plugin versions = 2.8.4. Solution Update the WordPress Social LikeBox & Feed plugin to the latest available version at least 2.8.5...

8.8CVSS2.3AI score0.00709EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2018/04/23 6:29 p.m.4 views

CVE-2018-10301

Cross-site scripting XSS vulnerability in the Web-Dorado Instagram Feed WD plugin before 1.3.1 Premium for WordPress allows remote attackers to inject arbitrary web script or HTML by passing payloads in a comment on an Instagram post...

6.1CVSS7.3AI score0.00957EPSS
Exploits2References2
NVD
NVD
added 2017/11/09 10:29 p.m.18 views

CVE-2017-16758

Cross-site scripting XSS vulnerability in admin/partials/uif-access-token-display.php in the Ultimate Instagram Feed plugin before 1.3 for WordPress allows remote attackers to inject arbitrary web script or HTML via the "accesstoken" parameter...

4.8CVSS5.2AI score0.01028EPSS
Exploits2References3
NVD
NVD
added 2017/05/12 6:29 p.m.13 views

CVE-2016-4885

Cross-site request forgery CSRF vulnerability in baserCMS plugin Feed version 3.0.10 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors...

8.8CVSS8.9AI score0.00924EPSS
Exploits0References3
Packet Storm
Packet Storm
added 2016/11/20 12:0 a.m.45 views

WordPress Instagram Feed 1.4.6.2 Cross Site Scripting / Cross Site Request Forgery

------------------------------------------------------------------------ Persistent Cross-Site Scripting in Instagram Feed plugin via CSRF ------------------------------------------------------------------------ Sipke Mellema, July 2016...

0.2AI score
Exploits0
CNVD
CNVD
added 2016/09/30 12:0 a.m.2 views

BaserCMS Cross-Site Request Forgery Vulnerability (CNVD-2016-08864)

baserCMS is an enterprise-level content management system CMS. A cross-site request forgery vulnerability exists in baserCMS 3.0.10 and prior versions. The vulnerability can be exploited by an attacker to perform unauthorized operations on the server when the Feed plugin is enabled and a user...

8.8CVSS8.5AI score0.00924EPSS
Exploits0References1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2016/09/29 7:4 a.m.2 views

baserCMS plugin Feed vulnerable to cross-site request forgery

Overview baserCMS provided by baserCMS User Group is an opensource content management system. baserCMS and bundled plugin Feed contain a cross-site request forgery vulnerability. Masamu Asato of National Institute of Technology, Okinawa College reported this vulnerability to IPA. JPCERT/CC...

8.8CVSS6.5AI score0.00924EPSS
Exploits0References5
Patchstack
Patchstack
added 2015/04/26 12:0 a.m.7 views

WordPress WP Feed Plugin <= 2015.0426 - Cross Site Scripting

Because of this vulnerability, the attackers can inject arbitrary web script or HTML. Solution Update this plugin...

1.8AI score
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2013/07/08 12:0 a.m.73 views

WordPress feed plugin Sql Injection

The WordPress feed plugin suffers from a Sql Injection vulnerability. Iranian Exploit DataBase http://exploit.iedb.ir Exploit Title : WordPress feed plugin Sql Injection Author : Iranian Exploit DataBase Discovered By : IeDb Email : [email protected] Home : http://exploit.iedb.ir Software Link ...

0.5AI score
Exploits0
Rows per page
Query Builder