Lucene search
K

4 matches found

Cvelist
Cvelist
added 2026/06/10 6:0 a.m.40 views

CVE-2026-9060 Agile Store Locator < 1.6.6 - Admin+ Stored XSS via map_style

The Store Locator WordPress plugin before 1.6.6 does not sanitize and escape one of its settings before storing it and outputting it on the Store Locator WordPress plugin before 1.6.6 admin page, allowing high-privileged users such as administrators to perform Stored Cross-Site Scripting attacks...

0.00138EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/10 6:0 a.m.10 views

CVE-2026-9060 Agile Store Locator < 1.6.6 - Admin+ Stored XSS via map_style

The Store Locator WordPress plugin before 1.6.6 does not sanitize and escape one of its settings before storing it and outputting it on the Store Locator WordPress plugin before 1.6.6 admin page, allowing high-privileged users such as administrators to perform Stored Cross-Site Scripting attacks...

5.5AI score0.00138EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/07/02 12:0 a.m.5 views

PT-2024-35760 · WordPress · La-Studio Element Kit For Elementor

Name of the Vulnerable Software and Affected Versions: LA-Studio Element Kit for Elementor plugin for WordPress versions up to, and including, 1.3.8.1 Description: The issue allows authenticated attackers with Contributor-level access and above to include and execute arbitrary files on the server...

8.8CVSS8AI score0.00955EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2019/10/16 12:0 a.m.5 views

PT-2019-14685 · WordPress · Events Manager

Name of the Vulnerable Software and Affected Versions: Events Manager plugin versions through 5.9.5 Description: The issue arises from improper encoding and insertion of data provided to the map style attribute of shortcodes, specifically locations map and events map, leading to Stored XSS...

5.4CVSS7.1AI score0.01238EPSS
Exploits1References6
Rows per page
Query Builder