CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

9 matches found

RedhatCVE•added 2025/05/22 1:18 a.m.•4 views

CVE-2017-1002017

Vulnerability in wordpress plugin gift-certificate-creator v1.0, The code in gc-list.php doesn't sanitize user input to prevent a stored XSS vulnerability...

6.1CVSS6AI score0.00562EPSS

Exploits1References1

Vulnrichment•added 2025/04/02 9:21 a.m.•5 views

CVE-2025-2483 Gift Certificate Creator <= 1.1.0 - Reflected Cross-Site Scripting via receip_address Parameter

The Gift Certificate Creator plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘receipaddress’ parameter in all versions up to, and including, 1.1.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to injec...

6.1CVSS6.5AI score0.00824EPSS

Exploits0References3

CVE•added 2025/04/02 9:21 a.m.•73 views

CVE-2025-2483

CVE-2025-2483 affects the Gift Certificate Creator plugin for WordPress. It allows a Reflected Cross-Site Scripting (XSS) via the receip_address parameter in all versions up to 1.1.0. The issue enables unauthenticated attackers to inject arbitrary scripts into pages that execute when a user perfo...

6.1CVSS6.5AI score0.00824EPSS

Exploits0References3

CNNVD•added 2025/04/02 12:0 a.m.•2 views

WordPress plugin Gift Certificate Creator 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting vulnerability...

6.1CVSS6.3AI score0.00824EPSS

Exploits0References4

Positive Technologies•added 2025/04/02 12:0 a.m.•2 views

PT-2025-14472 · WordPress · Gift Certificate Creator

Name of the Vulnerable Software and Affected Versions: The Gift Certificate Creator plugin for WordPress versions up to, and including, 1.1.0 Description: The issue is related to Reflected Cross-Site Scripting due to insufficient input sanitization and output escaping. This allows unauthenticated...

6.1CVSS6.5AI score0.00824EPSS

Exploits0References8

Patchstack•added 2025/04/01 10:42 p.m.•8 views

WordPress Gift Certificate Creator plugin <= 1.1.0 - Reflected Cross-Site Scripting via receip_address Parameter vulnerability

Reflected Cross-Site Scripting via receipaddress Parameter vulnerability discovered by johska in WordPress Plugin Gift Certificate Creator versions = 1.1.0...

6.1CVSS7.3AI score0.00824EPSS

Exploits0References1Affected Software1

NVD•added 2017/09/14 1:29 p.m.•10 views

CVE-2017-1002017

Vulnerability in wordpress plugin gift-certificate-creator v1.0, The code in gc-list.php doesn't sanitize user input to prevent a stored XSS vulnerability...

6.1CVSS6AI score0.00562EPSS

Exploits1References2

OSV•added 2017/09/14 1:29 p.m.•2 views

CVE-2017-1002017

Vulnerability in wordpress plugin gift-certificate-creator v1.0, The code in gc-list.php doesn't sanitize user input to prevent a stored XSS vulnerability...

6.1CVSS5.8AI score0.00562EPSS

Exploits1References2

CVE•added 2017/09/14 1:0 p.m.•47 views

CVE-2017-1002017

CVE-2017-1002017 affects the WordPress plugin Gift Certificate Creator 1.0 . The vulnerability is in the file gc-list.php , where user input is not sanitized, enabling a stored XSS vulnerability. According to NVD, the CVSS2/3 base scores are 4.3 (MEDIUM) and 6.1 (MEDIUM), indicating moderate impa...

6.1CVSS5.9AI score0.00562EPSS

Exploits1References2Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by