Lucene search
K

6 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2022-34954

Malicious code in bioql PyPI...

4.8CVSS5.2AI score0.00494EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:28 p.m.7 views

CVE-2022-2709

The Float to Top Button WordPress plugin through 2.3.6 does not escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

4.8CVSS5.8AI score0.00494EPSS
Exploits2References1
Cvelist
Cvelist
added 2022/09/19 2:0 p.m.30 views

CVE-2022-2709 Float to Top Button <= 2.3.6 - Admin+ Stored Cross-Site Scripting

The Float to Top Button WordPress plugin through 2.3.6 does not escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5AI score0.00494EPSS
Exploits2References1
wpexploit
wpexploit
added 2022/08/23 12:0 a.m.555 views

Float to Top Button <= 2.3.6 - Admin+ Stored Cross-Site Scripting

The plugin does not escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup Put the following payload in the "Text for the button" or "URL ...

4.8CVSS4.8AI score0.00494EPSS
Exploits2
WPVulnDB
WPVulnDB
added 2022/08/23 12:0 a.m.13 views

Float to Top Button <= 2.3.6 - Admin+ Stored Cross-Site Scripting

The plugin does not escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup PoC Put the following payload in the "Text for the button" or...

4.8CVSS0.7AI score0.00494EPSS
Exploits2Affected Software1
Patchstack
Patchstack
added 2022/08/23 12:0 a.m.22 views

WordPress Float to Top Button plugin <= 2.3.6 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Asif Nawaz Minhas in WordPress Float to Top Button plugin versions = 2.3.6. Solution Deactivate and delete. This plugin has been closed as of August 15, 2022 and is not available for download. This closure is temporary,...

4.8CVSS1.9AI score0.00494EPSS
Exploits2References1Affected Software1
Rows per page
Query Builder