Lucene search
K

73 matches found

Vulnrichment
Vulnrichment
added 2023/12/31 5:43 p.m.10 views

CVE-2023-52131 WordPress Page Generator Plugin <= 1.7.1 is vulnerable to SQL Injection

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WP Zinc Page Generator.This issue affects Page Generator: from n/a through 1.7.1...

7.6CVSS7.6AI score0.00546EPSS
Exploits0References1
CVE
CVE
added 2023/10/24 11:10 a.m.39 views

CVE-2023-45644

CVE-2023-45644: Authenticated (admin+) Stored Cross-Site Scripting in the CPT Shortcode Generator plugin prior to or at version 1.0. Root cause details are not explicitly stated in the provided documents, but the vulnerability is described as a stored XSS affecting admin-level contexts. Public ex...

5.9CVSS5.1AI score0.00409EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/08/30 2:46 p.m.49 views

CVE-2023-34022

CVE-2023-34022 affects the WordPress Dynamic QR Code Generator plugin (versions

7.1CVSS6.1AI score0.00454EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2023/07/18 6:15 p.m.5 views

CVE-2023-33329

Auth. admin+ Reflected Cross-Site Scripting XSS vulnerability in Hijiri Custom Post Type Generator plugin = 2.4.2 versions...

4.8CVSS7.3AI score0.00369EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/07/18 5:15 p.m.11 views

CVE-2023-33329 WordPress Custom Post Type Generator Plugin <= 2.4.2 is vulnerable to Cross Site Scripting (XSS)

Auth. admin+ Reflected Cross-Site Scripting XSS vulnerability in Hijiri Custom Post Type Generator plugin = 2.4.2 versions...

5.9CVSS5.8AI score0.00369EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/07/17 1:26 p.m.14 views

CVE-2023-35038 WordPress WP PDF Generator Plugin <= 1.2.2 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in wpexperts.Io WP PDF Generator plugin = 1.2.2 versions...

5.4CVSS7.1AI score0.00246EPSS
Exploits0References1
CVE
CVE
added 2023/07/17 1:26 p.m.41 views

CVE-2023-35038

Summary (CVE-2023-35038) Cross-Site Request Forgery (CSRF) in the WordPress plugin WP PDF Generator (wpexperts.Io) versions

8.8CVSS7AI score0.00246EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2023/06/12 12:0 a.m.31 views

WordPress Plugin Float menu 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. WordPress Plugin Float men...

6.1CVSS6.8AI score0.00458EPSS
Exploits2References2
OSV
OSV
added 2023/06/09 6:16 a.m.3 views

CVE-2023-2607

The Multiple Page Generator Plugin for WordPress is vulnerable to time-based SQL Injection via the orderby and order parameters in versions up to, and including, 3.3.17 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This...

7.2CVSS7.1AI score0.00841EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2023/06/09 5:33 a.m.7 views

CVE-2023-2607 Multiple Page Generator Plugin <= 3.3.17 - Authenticated (Administrator+) SQL Injection

The Multiple Page Generator Plugin for WordPress is vulnerable to time-based SQL Injection via the orderby and order parameters in versions up to, and including, 3.3.17 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This...

7.2CVSS7.2AI score0.00841EPSS
Exploits0References3
Cvelist
Cvelist
added 2023/06/09 5:33 a.m.28 views

CVE-2023-2607 Multiple Page Generator Plugin <= 3.3.17 - Authenticated (Administrator+) SQL Injection

The Multiple Page Generator Plugin for WordPress is vulnerable to time-based SQL Injection via the orderby and order parameters in versions up to, and including, 3.3.17 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This...

7.2CVSS7.3AI score0.00841EPSS
Exploits0References3
OSV
OSV
added 2023/05/18 10:15 a.m.4 views

CVE-2023-31233

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Haoqisir Baidu Tongji generator plugin = 1.0.2 versions...

4.8CVSS6.7AI score0.00369EPSS
Exploits0References1
CVE
CVE
added 2023/05/18 9:30 a.m.41 views

CVE-2023-31233

CVE-2023-31233 affects the Baidu Tongji generator WordPress plugin (

5.9CVSS5.1AI score0.00369EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2023/03/14 9:15 a.m.23 views

CVE-2022-47143

Cross-Site Request Forgery CSRF vulnerability in Themeisle Multiple Page Generator Plugin – MPG plugin = 3.3.9 versions...

8.8CVSS5.8AI score0.0026EPSS
Exploits0References1
CVE
CVE
added 2023/03/14 8:58 a.m.49 views

CVE-2022-47143

CVE-2022-47143 is a CSRF vulnerability in Themeisle’s MPG Plugin (WordPress) versions

8.8CVSS6.5AI score0.0026EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/03/14 8:58 a.m.8 views

CVE-2022-47143 WordPress Multiple Page Generator Plugin – MPG Plugin <= 3.3.9 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in Themeisle Multiple Page Generator Plugin – MPG plugin = 3.3.9 versions...

4.3CVSS7AI score0.0026EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2023/02/15 4:59 a.m.6 views

SUSE CVE-2016-6631

An issue was discovered in phpMyAdmin. A user can execute a remote code execution attack against a server when phpMyAdmin is being run as a CGI application. Under certain server configurations, a user can pass a query string which is executed as a command-line argument by the file...

7.5CVSS8.2AI score0.0475EPSS
Exploits0References4
OSV
OSV
added 2023/02/06 8:15 p.m.4 views

CVE-2022-4321

The PDF Generator for WordPress plugin before 1.1.2 includes a vendored dompdf example file which is susceptible to Reflected Cross-Site Scripting and could be used against high privilege users such as admin...

6.1CVSS5.8AI score0.01193EPSS
Exploits2References1
ATTACKERKB
ATTACKERKB
added 2022/07/17 11:15 a.m.3 views

CVE-2022-2100

The Page Generator WordPress plugin before 1.6.5 does not sanitise and escape its settings, allowing high privilege users such as admin to perform cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...

4.8CVSS5.9AI score0.00493EPSS
Exploits2References2
Patchstack
Patchstack
added 2022/06/27 12:0 a.m.10 views

WordPress Page Generator plugin <= 1.6.5 - Arbitrary Keywords Deletion/Duplication via Cross-Site Request Forgery (CSRF) vulnerability

Arbitrary Keywords Deletion/Duplication via Cross-Site Request Forgery CSRF vulnerability discovered by WPScanTeam in WordPress Page Generator plugin versions = 1.6.5. Solution Update the WordPress Page Generator plugin to the latest available version at least 1.6.6...

4AI score
Exploits0References1Affected Software1
Rows per page
Query Builder