Lucene search
K

9 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.1 views

EUVD-2021-11800

Malware in sbrugna...

4.8CVSS5.2AI score0.00677EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/05/22 7:24 p.m.2 views

CVE-2021-24888

The ImageBoss WordPress plugin before 3.0.6 does not sanitise and escape its Source Name setting, which could allow high privilege users to perform Cross-Site Scripting attacks...

4.8CVSS6AI score0.00677EPSS
Exploits1References1
NVD
NVD
added 2021/11/23 8:15 p.m.8 views

CVE-2021-24888

The ImageBoss WordPress plugin before 3.0.6 does not sanitise and escape its Source Name setting, which could allow high privilege users to perform Cross-Site Scripting attacks...

4.8CVSS0.00677EPSS
Exploits1References1
OSV
OSV
added 2021/11/23 8:15 p.m.12 views

CVE-2021-24888

The ImageBoss WordPress plugin before 3.0.6 does not sanitise and escape its Source Name setting, which could allow high privilege users to perform Cross-Site Scripting attacks...

4.8CVSS6AI score
Exploits0References1
Prion
Prion
added 2021/11/23 8:15 p.m.10 views

Cross site scripting

The ImageBoss WordPress plugin before 3.0.6 does not sanitise and escape its Source Name setting, which could allow high privilege users to perform Cross-Site Scripting attacks...

3.5CVSS4.8AI score0.00677EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2021/11/23 7:16 p.m.34 views

CVE-2021-24888

CVE-2021-24888 affects the WordPress ImageBoss plugin prior to version 3.0.6. The root cause is failure to sanitize/escape the Source Name setting, enabling stored XSS that could be exploited by high-privilege users. The vulnerability is described as an Admin+ stored cross-site scripting issue, i...

4.8CVSS4.8AI score0.00677EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2021/11/23 7:16 p.m.13 views

CVE-2021-24888 ImageBoss < 3.0.6 - Admin+ Stored Cross-Site Scripting

The ImageBoss WordPress plugin before 3.0.6 does not sanitise and escape its Source Name setting, which could allow high privilege users to perform Cross-Site Scripting attacks...

5.1AI score0.00677EPSS
Exploits1References1
CNNVD
CNNVD
added 2021/11/23 12:0 a.m.1 views

WordPress 跨站脚本漏洞

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Wordpress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in WordPress ImageBoss, which stems from a lack of prope...

4.8CVSS5.1AI score0.00677EPSS
Exploits1References2
Patchstack
Patchstack
added 2021/10/20 12:0 a.m.11 views

WordPress ImageBoss plugin <= 3.0.5 - Stored Cross-Site Scripting (XSS) vulnerability

Stored Cross-Site Scripting XSS vulnerability discovered by Chevon Phillip in WordPress ImageBoss plugin versions = 3.0.5. Solution Update the WordPress ImageBoss plugin to the latest available version at least 3.0.6...

4.8CVSS1.5AI score0.00677EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder