Lucene search
K

5 matches found

NVD
NVD
added 2026/06/30 6:16 a.m.12 views

CVE-2026-12560

The Editorial Rating – Product Review & Rating System plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'Link URL' Field in all versions up to, and including, 4.0.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers,...

4.4CVSS0.0024EPSS
Exploits0References9
CVE
CVE
added 2026/06/30 4:30 a.m.18 views

CVE-2026-12560

The Editorial Rating – Product Review & Rating System plugin for WordPress (versions up to 4.0.5) is vulnerable to Stored Cross-Site Scripting via the Link URL field due to insufficient input sanitization and output escaping. Authenticated attackers with administrator-level access can store a pay...

4.4CVSS5.9AI score0.0024EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.18 views

PT-2026-53811

Name of the Vulnerable Software and Affected Versions Editorial Rating – Product Review & Rating System versions prior to 4.0.6 Description Insufficient input sanitization and output escaping allow authenticated attackers with administrator-level access and above to perform Stored Cross-Site...

4.4CVSS6.1AI score0.0024EPSS
Exploits0References16
Positive Technologies
Positive Technologies
added 2024/12/27 12:0 a.m.4 views

PT-2024-36822 · Linkace · Linkace

Name of the Vulnerable Software and Affected Versions: LinkAce versions prior to 1.15.6 Description: A reflected cross-site scripting XSS issue exists in the "URL" field of the "Edit Link" module, where user input is not properly sanitized or encoded before being reflected in the HTML response...

4.6CVSS6.2AI score0.00286EPSS
Exploits1References8
wpexploit
wpexploit
added 2024/03/12 12:0 a.m.158 views

Page Builder Gutenberg Blocks < 3.1.7 - Contributor+ Stored XSS

Description The plugin does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks Create/Edit a Post, add an "Icon" block and...

5.9AI score0.00446EPSS
Exploits2References1
Rows per page
Query Builder