Lucene search
K

110 matches found

Patchstack
Patchstack
added 2025/05/22 12:56 p.m.7 views

WordPress Goodlayers Hostel plugin <= 3.1.4 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Bonds in WordPress Plugin Goodlayers Hostel versions = 3.1.4...

9.3CVSS7.8AI score0.00371EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/05/20 1:1 p.m.5 views

WordPress Goodlayers Hotel plugin <= 3.1.4 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Bonds in WordPress Plugin Goodlayers Hotel versions = 3.1.4...

7.1CVSS5.9AI score0.00235EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/05/20 1:1 p.m.7 views

WordPress Goodlayers Hostel Plugin <= 3.1.2 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Bonds in WordPress Plugin Goodlayers Hostel versions = 3.1.2...

7.1CVSS5.9AI score0.00235EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/05/20 12:8 p.m.10 views

WordPress Goodlayers Hotel plugin <= 3.1.4 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Bonds in WordPress Plugin Goodlayers Hotel versions = 3.1.4...

9.8CVSS7.1AI score0.00503EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/05/20 12:7 p.m.6 views

WordPress Goodlayers Hostel Plugin <= 3.1.2 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Bonds in WordPress Plugin Goodlayers Hostel versions = 3.1.2...

9.8CVSS7.1AI score0.00503EPSS
Exploits0Affected Software1
NVD
NVD
added 2025/03/03 2:15 p.m.4 views

CVE-2025-23521

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in GoodLayers Goodlayers Blocks goodlayers-blocks allows Reflected XSS.This issue affects Goodlayers Blocks: from n/a through = 1.0.1...

7.1CVSS0.00342EPSS
Exploits0References1
CVE
CVE
added 2025/03/03 1:30 p.m.56 views

CVE-2025-23521

The CVE CVE-2025-23521 concerns a Reflected Cross-Site Scripting (XSS) in the WordPress plugin Goodlayers Blocks, affecting versions up to 1.0.1. The root cause is improper input neutralization during web page generation. Affected component: Goodlayers Blocks (WordPress plugin). Impact details in...

7.1CVSS5.9AI score0.00342EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/03/03 1:30 p.m.2 views

CVE-2025-23521 WordPress Goodlayers Blocks plugin <= 1.0.1 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in GoodLayers Goodlayers Blocks goodlayers-blocks allows Reflected XSS.This issue affects Goodlayers Blocks: from n/a through = 1.0.1...

7.1CVSS5.9AI score0.00342EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/03/03 1:30 p.m.17 views

CVE-2025-23521 WordPress Goodlayers Blocks plugin <= 1.0.1 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in GoodLayers Goodlayers Blocks goodlayers-blocks allows Reflected XSS.This issue affects Goodlayers Blocks: from n/a through = 1.0.1...

7.1CVSS0.00342EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/03/03 12:0 a.m.4 views

WordPress plugin Goodlayers Blocks 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...

7.1CVSS5.9AI score0.00342EPSS
Exploits0References2
Patchstack
Patchstack
added 2025/01/30 8:8 a.m.5 views

WordPress GoodLayers Core plugin < 2.1.3 - Subscriber+ Stored XSS via SVG Upload vulnerability

Subscriber+ Stored XSS via SVG Upload vulnerability discovered by Amine SAJID in WordPress Plugin Goodlayers Core versions 2.1.3...

6.5CVSS6AI score0.00263EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2025/01/30 6:15 a.m.5 views

CVE-2024-12163

The goodlayers-core WordPress plugin before 2.1.3 allows users with a subscriber role and above to upload SVGs containing malicious payloads...

6.5CVSS7.3AI score0.00263EPSS
Exploits1References1
CVE
CVE
added 2025/01/30 6:0 a.m.59 views

CVE-2024-12163

CVE-2024-12163 affects the WordPress plugin Goodlayers Core (Goodlayers Core) before version 2.1.3. The issue, as described in multiple sources, allows users with the Subscriber role and above to upload SVG files containing malicious payloads, enabling a stored Cross-Site Scripting (XSS) conditio...

6.5CVSS6.5AI score0.00263EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/01/30 6:0 a.m.9 views

CVE-2024-12163 GoodLayers Core < 2.1.3 - Subscriber+ Stored XSS via SVG Upload

The goodlayers-core WordPress plugin before 2.1.3 allows users with a subscriber role and above to upload SVGs containing malicious payloads...

6.5AI score0.00263EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/01/30 6:0 a.m.21 views

CVE-2024-12163 GoodLayers Core < 2.1.3 - Subscriber+ Stored XSS via SVG Upload

The goodlayers-core WordPress plugin before 2.1.3 allows users with a subscriber role and above to upload SVGs containing malicious payloads...

0.00263EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/01/30 12:0 a.m.5 views

WordPress plugin goodlayers-core 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability in...

6.5CVSS8.3AI score0.00263EPSS
Exploits1References1
Patchstack
Patchstack
added 2025/01/16 6:41 p.m.5 views

WordPress Goodlayers Blocks plugin <= 1.0.1 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro Soares de Alcântara Kinorth in WordPress Plugin Goodlayers Blocks versions = 1.0.1...

7.1CVSS6.1AI score0.00342EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/01/02 6:53 a.m.4 views

WordPress Goodlayers Core plugin < 2.0.10 - Contributor+ Stored XSS vulnerability

Contributor+ Stored XSS vulnerability discovered by Bob Matyas in WordPress Plugin Goodlayers Core versions 2.0.10...

5.9CVSS6.1AI score0.00311EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2025/01/02 6:15 a.m.3 views

CVE-2024-11357

The goodlayers-core WordPress plugin before 2.0.10 does not sanitise and escape some of its settings, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

5.9CVSS7.3AI score0.00311EPSS
Exploits1References1
NVD
NVD
added 2025/01/02 6:15 a.m.14 views

CVE-2024-11357

The goodlayers-core WordPress plugin before 2.0.10 does not sanitise and escape some of its settings, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

5.9CVSS0.00311EPSS
Exploits1References1
Rows per page
Query Builder