Lucene search
K

70 matches found

Patchstack
Patchstack
added 2024/03/26 12:0 a.m.12 views

WordPress Seriously Simple Podcasting Plugin <= 3.0.2 is vulnerable to Cross Site Scripting (XSS)

Software Seriously Simple Podcasting Type Plugin Vulnerable versions = 3.0.2 Fixed in 3.1.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-25599 Patch priority Medium CVSS severity Medium 7.1 Developer Castos PSID 07063cdb0c71 Credits Rafie Muhammad Patchstack...

7.1CVSS6.5AI score0.00426EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2024/03/20 5:6 p.m.21 views

CVE-2024-2629

Incorrect security UI in iOS in Google Chrome prior to 123.0.6312.58 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

5.7AI score0.00655EPSS
Exploits0References5
Patchstack
Patchstack
added 2024/01/10 12:0 a.m.15 views

WordPress Order Export & Order Import for WooCommerce Plugin <= 2.4.3 is vulnerable to Arbitrary File Upload

Software Order Export & Order Import for WooCommerce Type Plugin Vulnerable versions = 2.4.3 Fixed in 2.4.4 OWASP Top 10 A3: Injection Classification Arbitrary File Upload CVE CVE-2024-22135 Patch priority Medium CVSS severity Medium 8 Developer Claim ownership PSID cc645a98d1b8 Credits Dateoljo ...

8CVSS6.8AI score0.00525EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/11/09 12:0 a.m.19 views

WordPress Martins Free & Easy SEO Link buildings Plugin < 1.2.30 is vulnerable to Cross Site Scripting (XSS)

Software Martins Free & Easy SEO Link buildings Type Plugin Vulnerable versions 1.2.30 Fixed in 1.2.30 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-5641 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID b26e0b25f0b1...

6.1CVSS5.6AI score0.00444EPSS
Exploits2References4Affected Software1
Patchstack
Patchstack
added 2023/11/07 12:0 a.m.11 views

WordPress Awesome Support Plugin < 6.1.5 is vulnerable to Cross Site Scripting (XSS)

Software Awesome Support Type Plugin Vulnerable versions 6.1.5 Fixed in 6.1.5 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-5354 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 1e691e07ad6e Credits Alex Sanford Require...

6.1CVSS5.9AI score0.00398EPSS
Exploits2References4Affected Software1
Patchstack
Patchstack
added 2023/08/29 12:0 a.m.14 views

WordPress Happy Elementor Addons Pro Plugin <= 2.8.0 is vulnerable to Cross Site Scripting (XSS)

Software Happy Elementor Addons Pro Type Plugin Vulnerable versions = 2.8.0 Fixed in 2.8.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-41236 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 1e3539666fdb Credits Rafie...

7.1CVSS5.6AI score0.00351EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2023/07/18 12:0 a.m.7 views

WordPress Locked Payment Methods for WooCommerce Plugin <= 1.3.5 is vulnerable to Cross Site Scripting (XSS)

Software Locked Payment Methods for WooCommerce Type Plugin Vulnerable versions = 1.3.5 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID d253b10ead5d Credits Rafie...

6.5AI score0.00284EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2023/07/18 12:0 a.m.10 views

WordPress Ultimate Carousel For Divi Plugin < 4.5.1 is vulnerable to Cross Site Scripting (XSS)

Software Ultimate Carousel For Divi Type Plugin Vulnerable versions 4.5.1 Fixed in 4.5.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 62b9f7045643 Credits Rafie Muhammad Patchsta...

6.2AI score0.00284EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2023/07/18 12:0 a.m.8 views

WordPress WP SMS Plugin for WordPress Plugin < 1.5.1 is vulnerable to Cross Site Scripting (XSS)

Software WP SMS Plugin for WordPress Type Plugin Vulnerable versions 1.5.1 Fixed in 1.5.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID c1b7cfc59ff4 Credits Rafie Muhammad...

6.9AI score0.00284EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2023/07/18 12:0 a.m.6 views

WordPress All in One Invite Codes Plugin < 1.1.11 is vulnerable to Cross Site Scripting (XSS)

Software All in One Invite Codes Type Plugin Vulnerable versions 1.1.11 Fixed in 1.1.11 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 070ddaecd3e9 Credits Rafie Muhammad Patchstac...

6.8AI score0.00284EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2023/07/18 12:0 a.m.5 views

WordPress WooCommerce Role Based Pricing by Meow Crew Plugin < 1.4.1 is vulnerable to Cross Site Scripting (XSS)

Software WooCommerce Role Based Pricing by Meow Crew Type Plugin Vulnerable versions 1.4.1 Fixed in 1.4.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID e917a5406972 Credits Rafie...

6.8AI score0.00284EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2023/07/18 12:0 a.m.6 views

WordPress Device Wrapper Plugin < 1.1.1 is vulnerable to Cross Site Scripting (XSS)

Software Device Wrapper Type Plugin Vulnerable versions 1.1.1 Fixed in 1.1.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID dffe70065f07 Credits Rafie Muhammad Patchstack Required...

6.8AI score0.00284EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2023/07/18 12:0 a.m.10 views

WordPress Verbalize WP Plugin <= 1.0 is vulnerable to Cross Site Scripting (XSS)

Software Verbalize WP Type Plugin Vulnerable versions = 1.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 21e3ff2fe6c4 Credits Rafie Muhammad Patchstack Required...

6.8AI score0.00284EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/07/18 12:0 a.m.7 views

WordPress PopOverXYZ – Show Light Weight Beautiful Tool Tips On Any Text Plugin <= 1.0.1 is vulnerable to Cross Site Scripting (XSS)

Software PopOverXYZ – Show Light Weight Beautiful Tool Tips On Any Text Type Plugin Vulnerable versions = 1.0.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID...

6.2AI score0.00284EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/07/18 12:0 a.m.3 views

WordPress Hire Me Widget Plugin < 1.0.5 is vulnerable to Cross Site Scripting (XSS)

Software Hire Me Widget Type Plugin Vulnerable versions 1.0.5 Fixed in 1.0.5 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 3fd9a7440ccd Credits Rafie Muhammad Patchstack Required...

6.2AI score0.00284EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2023/07/18 12:0 a.m.9 views

WordPress Clean Social Icons Plugin <= 0.9.11 is vulnerable to Cross Site Scripting (XSS)

Software Clean Social Icons Type Plugin Vulnerable versions = 0.9.11 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 073edbf35701 Credits Rafie Muhammad Patchstack...

6.2AI score0.00284EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/04/25 12:0 a.m.11 views

WordPress Product Slider For WooCommerce Lite Plugin <= 1.1.7 is vulnerable to Cross Site Scripting (XSS)

Software Product Slider For WooCommerce Lite Type Plugin Vulnerable versions = 1.1.7 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-0537 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 5eb92cf8631c Credits...

5.4CVSS5.9AI score0.00503EPSS
Exploits2References2Affected Software1
Prion
Prion
added 2022/11/30 12:15 a.m.20 views

Input validation

Insufficient validation of untrusted input in Downloads in Google Chrome prior to 108.0.5359.71 allowed an attacker who convinced a user to install a malicious extension to bypass Downloads restrictions via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS5AI score0.00437EPSS
Exploits0References4Affected Software1
Code423n4
Code423n4
added 2022/02/16 12:0 a.m.10 views

Zero collection module can be whitelisted and set to a post, which will then revert all collects and mirrors with PublicationDoesNotExist

Lines of code Vulnerability details Impact In case when zero collection module be white listed and then zero collection module set to a post done by different actors, its functionality will be partially broken: every collecting and mirroring of it will be reverted with...

6.8AI score
Exploits0
ossfuzz
ossfuzz
added 2020/03/31 3:39 p.m.20 views

ffmpeg:ffmpeg_BSF_TRACE_HEADERS_fuzzer: Index-out-of-bounds in cbs_jpeg_read_huffman_table

Project: https://git.ffmpeg.org/ffmpeg.git Detailed Report: https://oss-fuzz.com/testcase?key=6291612167831552 Project: ffmpeg Fuzzing Engine: libFuzzer Fuzz Target: ffmpegBSFTRACEHEADERSfuzzer Job Type: libfuzzerubsanffmpeg Platform Id: linux Crash Type: Index-out-of-bounds Crash Address: Crash...

6.8AI score
Exploits0Affected Software1
Rows per page
Query Builder