CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

9 matches found

EUVD•added 2025/10/03 8:7 p.m.•4 views

EUVD-2024-26793

Malicious code in bioql PyPI...

6.5CVSS8.7AI score0.00351EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 8:56 a.m.•5 views

CVE-2024-29798

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Appsmav Gratisfaction allows Stored XSS.This issue affects Gratisfaction: from n/a through 4.3.4...

6.5CVSS8.6AI score0.00351EPSS

Exploits0References1

WPVulnDB•added 2024/04/01 12:0 a.m.•13 views

Gratisfaction < 4.3.5 - Authenticated (Contributor+) Stored Cross-Site Scripting

Description The Gratisfaction plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 4.3.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to injec...

6.5CVSS5.9AI score0.00351EPSS

Exploits0References1Affected Software1

NVD•added 2024/03/27 1:15 p.m.•13 views

CVE-2024-29798

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Appsmav Gratisfaction allows Stored XSS.This issue affects Gratisfaction: from n/a through 4.3.4...

6.5CVSS6.4AI score0.00351EPSS

Exploits0References1

Cvelist•added 2024/03/27 12:23 p.m.•17 views

CVE-2024-29798 WordPress Gratisfaction plugin <= 4.3.4 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Appsmav Gratisfaction allows Stored XSS.This issue affects Gratisfaction: from n/a through 4.3.4...

6.5CVSS6.6AI score0.00351EPSS

Exploits0References1

Vulnrichment•added 2024/03/27 12:23 p.m.•14 views

CVE-2024-29798 WordPress Gratisfaction plugin <= 4.3.4 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Appsmav Gratisfaction allows Stored XSS.This issue affects Gratisfaction: from n/a through 4.3.4...

6.5CVSS6.5AI score0.00351EPSS

Exploits0References1

CVE•added 2024/03/27 12:23 p.m.•55 views

CVE-2024-29798

CVE-2024-29798 is a stored XSS in the Gratisfaction plugin for Gratisfaction (WooCommerce) with affected range listed as Gratisfaction: from n/a through 4.3.4. The CVE entry provides an improper input neutralization during web page generation, enabling stored cross-site scripting. The associated ...

6.5CVSS8.6AI score0.00351EPSS

Exploits0References1

CNNVD•added 2024/03/27 12:0 a.m.•2 views

WordPress Plugin Gratisfaction 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

6.5CVSS7AI score0.00351EPSS

Exploits0References2

Patchstack•added 2024/03/25 12:0 a.m.•9 views

WordPress Gratisfaction Plugin <= 4.3.4 is vulnerable to Cross Site Scripting (XSS)

Software Gratisfaction Type Plugin Vulnerable versions = 4.3.4 Fixed in 4.3.5 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-29798 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 23596df169c6 Credits Ngô Thiên An ancorn from VNPT-VCI Requir...

6.5CVSS6.6AI score0.00351EPSS

Exploits0References2Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by