Lucene search
+L

131 matches found

cnnvd
cnnvd
added 2025/02/06 12:0 a.m.3 views

Nuxt MDC 跨站脚本漏洞

Nuxt MDC is a Nuxt open source application that enhances regular Markdown. A cross-site scripting vulnerability exists in Nuxt MDC that stems from insecure parsing logic for URLs in Markdown, leading to arbitrary JavaScript code execution...

9.3CVSS6.5AI score0.0066EPSS
Exploits0References3
ptsecurity
ptsecurity
added 2025/02/06 12:0 a.m.7 views

PT-2025-5844 · Nuxt.Js · @Nuxtjs/Mdc

Name of the Vulnerable Software and Affected Versions: @nuxtjs/mdc versions prior to 0.13.3 Description: The issue arises from unsafe parsing logic of the URL from markdown, which can lead to arbitrary JavaScript code execution due to a bypass of the existing guards around the javascript: protoco...

9.3CVSS7AI score0.0066EPSS
Exploits0References16
redhatcve
redhatcve
added 2025/02/05 4:9 a.m.4 views

CVE-2024-54404

Cross-Site Request Forgery CSRF vulnerability in Nazmul Ahsan MDC Comment Toolbar mdc-comment-toolbar allows Stored XSS.This issue affects MDC Comment Toolbar: from n/a through = 1.1...

7.1CVSS7.2AI score0.00194EPSS
Exploits0References1
attackerkb
attackerkb
added 2025/01/16 8:15 p.m.6 views

CVE-2025-23639

Cross-Site Request Forgery CSRF vulnerability in Nazmul Ahsan MDC YouTube Downloader mdc-youtube-downloader allows Stored XSS.This issue affects MDC YouTube Downloader: from n/a through = 3.0.0...

7.1CVSS7.2AI score0.00162EPSS
Exploits0References3
nvd
nvd
added 2025/01/16 8:15 p.m.5 views

CVE-2025-23639

Cross-Site Request Forgery CSRF vulnerability in Nazmul Ahsan MDC YouTube Downloader mdc-youtube-downloader allows Stored XSS.This issue affects MDC YouTube Downloader: from n/a through = 3.0.0...

7.1CVSS0.00162EPSS
Exploits0References1
cve
cve
added 2025/01/16 8:6 p.m.47 views

CVE-2025-23639

CVE-2025-23639 is a CSRF-to-Stored XSS issue in MDC YouTube Downloader, affecting versions up to 3.0.0. Connected sources confirm the vulnerability and affected product, but do not provide a patch/version to mitigate or definitive exploit details. Monitoring for updates is advised.

7.1CVSS7.2AI score0.00162EPSS
Exploits0References1Affected Software1
cvelist
cvelist
added 2025/01/16 8:6 p.m.19 views

CVE-2025-23639 WordPress MDC YouTube Downloader plugin <= 3.0.0 - CSRF to Stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in Nazmul Ahsan MDC YouTube Downloader mdc-youtube-downloader allows Stored XSS.This issue affects MDC YouTube Downloader: from n/a through = 3.0.0...

7.1CVSS0.00162EPSS
Exploits0References1
patchstack
patchstack
added 2025/01/16 6:41 p.m.3 views

WordPress MDC YouTube Downloader plugin <= 3.0.0 - CSRF to Stored XSS vulnerability

CSRF to Stored XSS vulnerability discovered by SOPROBRO in WordPress Plugin MDC YouTube Downloader versions = 3.0.0...

7.1CVSS6.2AI score0.00162EPSS
Exploits0Affected Software1
cnnvd
cnnvd
added 2025/01/16 12:0 a.m.3 views

WordPress plugin MDC YouTube Downloader 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin ... A cross-site...

7.1CVSS8.4AI score0.00162EPSS
Exploits0References1
nvd
nvd
added 2024/12/16 3:15 p.m.10 views

CVE-2024-54404

Cross-Site Request Forgery CSRF vulnerability in Nazmul Ahsan MDC Comment Toolbar mdc-comment-toolbar allows Stored XSS.This issue affects MDC Comment Toolbar: from n/a through = 1.1...

7.1CVSS0.00194EPSS
Exploits0References1
cvelist
cvelist
added 2024/12/16 2:13 p.m.23 views

CVE-2024-54404 WordPress MDC Comment Toolbar plugin <= 1.1 - CSRF to Stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in Nazmul Ahsan MDC Comment Toolbar mdc-comment-toolbar allows Stored XSS.This issue affects MDC Comment Toolbar: from n/a through = 1.1...

7.1CVSS0.00194EPSS
Exploits0References1
cve
cve
added 2024/12/16 2:13 p.m.42 views

CVE-2024-54404

CVE-2024-54404 affects the MDC Comment Toolbar WordPress plugin. Affected: MDC Comment Toolbar

7.1CVSS7.2AI score0.00194EPSS
Exploits0References1
cnnvd
cnnvd
added 2024/12/16 12:0 a.m.3 views

WordPress plugin MDC Comment Toolbar 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...

7.1CVSS8.5AI score0.00194EPSS
Exploits0References1
patchstack
patchstack
added 2024/12/12 12:15 p.m.4 views

WordPress MDC Comment Toolbar plugin <= 1.1 - CSRF to Stored XSS vulnerability

CSRF to Stored XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin MDC Comment Toolbar versions = 1.1...

7.1CVSS6.2AI score0.00194EPSS
Exploits0Affected Software1
osv
osv
added 2024/11/19 5:15 p.m.6 views

CVE-2024-51875

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Nazmul Ahsan MDC YouTube Downloader allows DOM-Based XSS.This issue affects MDC YouTube Downloader: from n/a through 3.0.0...

5.4CVSS7.3AI score0.00304EPSS
Exploits0References1
nvd
nvd
added 2024/11/19 5:15 p.m.34 views

CVE-2024-51875

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Nazmul Ahsan MDC YouTube Downloader mdc-youtube-downloader allows DOM-Based XSS.This issue affects MDC YouTube Downloader: from n/a through = 3.0.0...

6.5CVSS0.00304EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2024/11/19 4:31 p.m.9 views

CVE-2024-51875 WordPress MDC YouTube Downloader plugin <= 3.0.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Nazmul Ahsan MDC YouTube Downloader allows DOM-Based XSS.This issue affects MDC YouTube Downloader: from n/a through 3.0.0...

6.5CVSS6.9AI score0.00304EPSS
Exploits0References1
cvelist
cvelist
added 2024/11/19 4:31 p.m.44 views

CVE-2024-51875 WordPress MDC YouTube Downloader plugin <= 3.0.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Nazmul Ahsan MDC YouTube Downloader mdc-youtube-downloader allows DOM-Based XSS.This issue affects MDC YouTube Downloader: from n/a through = 3.0.0...

6.5CVSS0.00304EPSS
Exploits0References1
cve
cve
added 2024/11/19 4:31 p.m.44 views

CVE-2024-51875

CVE-2024-51875 is a DOM-based Cross-Site Scripting vulnerability in the WordPress plugin “MDC YouTube Downloader” (MDC YouTube Downloader) affecting versions up to 3.0.0. The issue stems from improper input neutralization during web page generation, enabling DOM-based XSS. Public records describe...

6.5CVSS7.2AI score0.00304EPSS
Exploits0References1Affected Software1
cnnvd
cnnvd
added 2024/11/19 12:0 a.m.22 views

WordPress plugin MDC YouTube Downloader 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripti...

6.5CVSS7.7AI score0.00304EPSS
Exploits0References1
Rows per page
Query Builder