63 matches found
CVE-2025-30559
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PluginsPoint Kento WordPress Stats kento-wp-stats allows Stored XSS.This issue affects Kento WordPress Stats: from n/a through = 1.1...
CVE-2025-30559 WordPress Kento WordPress Stats plugin <= 1.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PluginsPoint Kento WordPress Stats kento-wp-stats allows Stored XSS.This issue affects Kento WordPress Stats: from n/a through = 1.1...
CVE-2025-30559
CVE-2025-30559 is an XSS in Kento WordPress Stats (stored XSS). Description confirms Cross-site Scripting due to improper input handling during web page generation. Affected: Kento WordPress Stats plugin (WordPress). No public details on exploited versions, root cause specifics beyond input neutr...
CVE-2025-30559 WordPress Kento WordPress Stats plugin <= 1.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PluginsPoint Kento WordPress Stats kento-wp-stats allows Stored XSS.This issue affects Kento WordPress Stats: from n/a through = 1.1...
WordPress plugin Kento WordPress Stats 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
WordPress Kento WordPress Stats plugin <= 1.1 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Abdi Pranata in WordPress Plugin Kento WordPress Stats versions = 1.1...
CVE-2016-15040
The Kento Post View Counter plugin for WordPress is vulnerable to SQL Injection via the 'kentopvcgeo' parameter in versions up to, and including, 2.8 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible fo...
CVE-2024-51583
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in KentoThemes Kento Ads Rotator allows Stored XSS.This issue affects Kento Ads Rotator: from n/a through 1.3...
CVE-2024-51583
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PluginsPoint Kento Ads Rotator kento-ads-rotator allows Stored XSS.This issue affects Kento Ads Rotator: from n/a through = 1.3...
CVE-2024-51583 WordPress Kento Ads Rotator plugin <= 1.3 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PluginsPoint Kento Ads Rotator kento-ads-rotator allows Stored XSS.This issue affects Kento Ads Rotator: from n/a through = 1.3...
WordPress plugin Kento Ads Rotator 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
PT-2024-34726 · Unknown · Kento Ads Rotator
Name of the Vulnerable Software and Affected Versions: Kento Ads Rotator versions prior to 1.3 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This flaw allows Stored XSS, which can be used to inject malicio...
WordPress Kento Ads Rotator plugin <= 1.3 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin Kento Ads Rotator versions = 1.3...
WordPress Kento Ads Rotator Plugin <= 1.3 is vulnerable to Cross Site Scripting (XSS)
Software Kento Ads Rotator Type Plugin Vulnerable versions = 1.3 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-51583 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 0d17bd84097b Credits SOPROBRO Required privilege Contributor...
WordPress Kento Post View Counter plugin <= 2.8 - SQL Injection vulnerability
SQL Injection vulnerability discovered by WordFence in WordPress Plugin Kento Post View Counter versions = 2.8...
CVE-2016-15040
The Kento Post View Counter plugin for WordPress is vulnerable to SQL Injection via the 'kentopvcgeo' parameter in versions up to, and including, 2.8 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible fo...
CVE-2016-15040
The Kento Post View Counter plugin for WordPress is vulnerable to SQL Injection via the 'kentopvcgeo' parameter in versions up to, and including, 2.8 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible fo...
CVE-2016-15040
The CVE-2016-15040 entry concerns the WordPress plugin Kento Post View Counter . Versions up to and including 2.8 are vulnerable to SQL Injection via the kento_pvc_geo parameter, caused by insufficient escaping of user input and inadequate preparation of the SQL query. The impact described is tha...
CVE-2016-15040 Kento Post View Counter <= 2.8 - SQL Injection
The Kento Post View Counter plugin for WordPress is vulnerable to SQL Injection via the 'kentopvcgeo' parameter in versions up to, and including, 2.8 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible fo...
PT-2024-10573
Name of the Vulnerable Software and Affected Versions Kento Post View Counter plugin for WordPress versions up to, and including, 2.8 Description The issue allows unauthenticated attackers to perform SQL Injection via the kento pvc geo parameter due to insufficient escaping on the user-supplied...