Lucene search
K

5 matches found

NVD
NVD
added 2024/04/15 7:15 a.m.17 views

CVE-2024-32079

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Michael Dempfle Advanced iFrame allows Stored XSS.This issue affects Advanced iFrame: from n/a through 2024.2...

6.5CVSS6.4AI score0.00339EPSS
Exploits0References1
CVE
CVE
added 2024/04/15 7:9 a.m.61 views

CVE-2024-32079

CVE-2024-32079 affects the Advanced iFrame WordPress plugin. The Connected Wordfence entry specifies an authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode in Advanced iFrame (

6.5CVSS5.2AI score0.00339EPSS
Exploits0References1
CVE
CVE
added 2024/02/05 5:45 a.m.60 views

CVE-2024-24870

The CVE-2024-24870 entry describes a Stored XSS in the WordPress Advanced iFrame plugin (≤ 2023.10) due to Improper Neutralization of Input During Web Page Generation. Affected component: Advanced iFrame plugin; root cause: insufficient input sanitization/escaping in the advanced_iframe context. ...

6.5CVSS5.6AI score0.00289EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/02/05 5:45 a.m.20 views

CVE-2024-24870 WordPress Advanced iFrame Plugin <= 2023.10 is vulnerable to Cross Site Scripting (XSS)

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Michael Dempfle Advanced iFrame allows Stored XSS.This issue affects Advanced iFrame: from n/a through 2023.10...

6.5CVSS6.5AI score0.00289EPSS
Exploits0References1
CVE
CVE
added 2007/10/14 7:0 p.m.60 views

CVE-2007-5457

CVE-2007-5457: Joomla Flash Uploader (com_jfu or com_joomla_flash_uploader) 2.5.1 is affected by multiple PHP remote file inclusion vulnerabilities. The root cause is improper handling of the mosConfig_absolute_path parameter, enabling an attacker to specify a URL to install.joomla_flash_uploader...

6.8CVSS7.8AI score0.37581EPSS
Exploits1References5Affected Software2
Rows per page
Query Builder