Lucene search
K

4 matches found

Patchstack
Patchstack
added 2023/12/19 12:0 a.m.14 views

WordPress Jquery news ticker Plugin <= 3.1 is vulnerable to Cross Site Scripting (XSS)

Software Jquery news ticker Type Plugin Vulnerable versions = 3.1 Fixed in 3.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-5432 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 4f07a499a4a8 Credits István Márton Required...

6.4CVSS5.8AI score0.00426EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2018/06/26 4:29 p.m.2 views

CVE-2018-1000508

WP ULike version 2.8.1, 3.1 contains a Cross Site Scripting XSS vulnerability in Settings screen that can result in allows unauthorised users to do almost anything an admin can. This attack appear to be exploitable via Admin must visit logs page. This vulnerability appears to have been fixed in 3...

4.8CVSS5.7AI score
Exploits0References1
NVD
NVD
added 2018/06/26 4:29 p.m.12 views

CVE-2018-1000511

WP ULike version 2.8.1, 3.1 contains a Incorrect Access Control vulnerability in AJAX that can result in allows anybody to delete any row in certain tables. This attack appear to be exploitable via Attacker must make AJAX request. This vulnerability appears to have been fixed in 3.2...

7.5CVSS7.6AI score0.00836EPSS
Exploits1References1
OSV
OSV
added 2018/06/26 4:29 p.m.5 views

CVE-2018-1000511

WP ULike version 2.8.1, 3.1 contains a Incorrect Access Control vulnerability in AJAX that can result in allows anybody to delete any row in certain tables. This attack appear to be exploitable via Attacker must make AJAX request. This vulnerability appears to have been fixed in 3.2...

7.5CVSS5.7AI score0.00836EPSS
Exploits1References1
Rows per page
Query Builder