Lucene search
K

22 matches found

Patchstack
Patchstack
added 2026/02/03 9:27 a.m.7 views

WordPress Kudos Donations plugin <= 3.2.9 - Reflected Cross-Site Scripting via 'add_query_arg' vulnerability

Reflected Cross-Site Scripting via 'addqueryarg' vulnerability discovered by 0xd4rk5id3 - EnvoraSec in WordPress Plugin Kudos Donations versions = 3.2.9...

6.1CVSS5.3AI score0.0034EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2024-34025

Malicious code in bioql PyPI...

6.1CVSS8.8AI score0.00398EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2024-34026

Malicious code in bioql PyPI...

6.1CVSS8.9AI score0.0034EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/23 7:51 a.m.6 views

CVE-2024-11684

The Kudos Donations – Easy donations and payments with Mollie plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 's' parameter in all versions up to, and including, 3.2.9 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticat...

6.1CVSS6.4AI score0.00398EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:0 a.m.6 views

CVE-2024-11685

The Kudos Donations – Easy donations and payments with Mollie plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 3.2.9. This makes it possible for unauthenticated attacker...

6.1CVSS6.4AI score0.0034EPSS
Exploits0References1
NVD
NVD
added 2024/11/28 9:15 a.m.15 views

CVE-2024-11685

The Kudos Donations – Easy donations and payments with Mollie plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 3.2.9. This makes it possible for unauthenticated attacker...

6.1CVSS0.0034EPSS
Exploits0References2
OSV
OSV
added 2024/11/28 9:15 a.m.2 views

CVE-2024-11685

The Kudos Donations – Easy donations and payments with Mollie plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 3.2.9. This makes it possible for unauthenticated attacker...

6.1CVSS5.9AI score0.0034EPSS
Exploits0References2
OSV
OSV
added 2024/11/28 9:15 a.m.6 views

CVE-2024-11684

The Kudos Donations – Easy donations and payments with Mollie plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 's' parameter in all versions up to, and including, 3.2.9 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticat...

6.1CVSS6AI score0.00398EPSS
Exploits0References3
NVD
NVD
added 2024/11/28 9:15 a.m.16 views

CVE-2024-11684

The Kudos Donations – Easy donations and payments with Mollie plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 's' parameter in all versions up to, and including, 3.2.9 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticat...

6.1CVSS0.00398EPSS
Exploits0References3
CVE
CVE
added 2024/11/28 8:47 a.m.53 views

CVE-2024-11684

CVE-2024-11684 affects the WordPress plugin Kudos Donations – Easy donations and payments with Mollie . It is a Reflected Cross-Site Scripting (XSS) vulnerability exploitable via the s parameter in all versions up to and including 3.2.9, caused by insufficient input sanitization and output escapi...

6.1CVSS6AI score0.00398EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2024/11/28 8:47 a.m.19 views

CVE-2024-11684 Kudos Donations – Easy donations and payments with Mollie <= 3.2.9 - Reflected Cross-Site Scripting

The Kudos Donations – Easy donations and payments with Mollie plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 's' parameter in all versions up to, and including, 3.2.9 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticat...

6.1CVSS0.00398EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/11/28 8:47 a.m.11 views

CVE-2024-11684 Kudos Donations – Easy donations and payments with Mollie <= 3.2.9 - Reflected Cross-Site Scripting

The Kudos Donations – Easy donations and payments with Mollie plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 's' parameter in all versions up to, and including, 3.2.9 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticat...

6.1CVSS6.4AI score0.00398EPSS
Exploits0References3
CVE
CVE
added 2024/11/28 8:47 a.m.51 views

CVE-2024-11685

Kudos Donations – Easy donations and Mollie plugin for WordPress is affected by a Reflected Cross‑Site Scripting vulnerability (CVE-2024-11685) due to insufficient escaping in add_query_arg, impacting all versions up to 3.2.9. Unauthenticated attackers could trigger a user action (e.g., link clic...

6.1CVSS6.1AI score0.0034EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2024/11/28 8:47 a.m.9 views

CVE-2024-11685 Kudos Donations – Easy donations and payments with Mollie <= 3.2.9 - Reflected Cross-Site Scripting via 'add_query_arg'

The Kudos Donations – Easy donations and payments with Mollie plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 3.2.9. This makes it possible for unauthenticated attacker...

6.1CVSS6.4AI score0.0034EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/11/28 8:47 a.m.13 views

CVE-2024-11685 Kudos Donations – Easy donations and payments with Mollie <= 3.2.9 - Reflected Cross-Site Scripting via 'add_query_arg'

The Kudos Donations – Easy donations and payments with Mollie plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 3.2.9. This makes it possible for unauthenticated attacker...

6.1CVSS0.0034EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/11/28 12:0 a.m.5 views

WordPress plugin Kudos Donations 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

6.1CVSS7.8AI score0.0034EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/11/28 12:0 a.m.4 views

WordPress plugin Kudos Donations 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

6.1CVSS7.8AI score0.00398EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/11/28 12:0 a.m.5 views

PT-2024-17190 · WordPress · Kudos Donations – Easy Donations/Payment With Mollie

Name of the Vulnerable Software and Affected Versions: Kudos Donations – Easy donations and payment with Mollie plugin for WordPress versions prior to 3.2.9 Description: The issue is related to Reflected Cross-Site Scripting via the s parameter due to insufficient input sanitization and output...

6.1CVSS8.5AI score0.00398EPSS
Exploits0References6
Patchstack
Patchstack
added 2024/11/27 10:15 p.m.5 views

WordPress Kudos Donations plugin <= 3.2.9 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by vgo0 in WordPress Plugin Kudos Donations versions = 3.2.9...

6.1CVSS6.3AI score0.00398EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/11/27 12:0 a.m.12 views

WordPress Kudos Donations Plugin <= 3.2.9 is vulnerable to Cross Site Scripting (XSS)

Software Kudos Donations Type Plugin Vulnerable versions = 3.2.9 Fixed in 3.3.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-11684 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 27c0ae774d02 Credits vgo0 Required...

5.6AI score0.00398EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder