Lucene search
K

7 matches found

EUVD
EUVD
added 2026/04/09 9:31 p.m.5 views

EUVD-2023-60550

WordPress adivaha Travel Plugin 2.3 contains a time-based blind SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'pid' GET parameter. Attackers can send requests to the /mobile-app/v3/ endpoint with crafted 'pid'...

8.8CVSS6AI score0.00269EPSS
Exploits0References5
NVD
NVD
added 2026/04/09 9:16 p.m.10 views

CVE-2023-54358

WordPress adivaha Travel Plugin 2.3 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by manipulating the isMobile parameter. Attackers can craft malicious URLs containing JavaScript payloads in the isMobile GET parameter at...

6.1CVSS0.00263EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/04/09 8:54 p.m.16 views

CVE-2023-54359 WordPress adivaha Travel Plugin 2.3 SQL Injection via pid

WordPress adivaha Travel Plugin 2.3 contains a time-based blind SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'pid' GET parameter. Attackers can send requests to the /mobile-app/v3/ endpoint with crafted 'pid'...

8.8CVSS0.00269EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/04/09 8:54 p.m.2 views

CVE-2023-54359

WordPress adivaha Travel Plugin 2.3 contains a time-based blind SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'pid' GET parameter. Attackers can send requests to the /mobile-app/v3/ endpoint with crafted 'pid'...

8.8CVSS6AI score0.00269EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2026/04/09 8:54 p.m.12 views

CVE-2023-54359

The affected product is WordPress adivaha Travel Plugin 2.3. The vulnerability is a time-based blind SQL injection in the pid parameter, exploitable via the /mobile-app/v3/ endpoint, allowing unauthenticated attackers to manipulate queries and potentially extract sensitive data. The description n...

8.8CVSS6AI score0.00269EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/04/09 8:54 p.m.5 views

CVE-2023-54358 WordPress adivaha Travel Plugin 2.3 Reflected XSS via isMobile

WordPress adivaha Travel Plugin 2.3 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by manipulating the isMobile parameter. Attackers can craft malicious URLs containing JavaScript payloads in the isMobile GET parameter at...

6.1CVSS6.1AI score0.00263EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/04/09 12:0 a.m.3 views

PT-2026-31725

WordPress adivaha Travel Plugin 2.3 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by manipulating the isMobile parameter. Attackers can craft malicious URLs containing JavaScript payloads in the isMobile GET parameter at...

6.1CVSS6.2AI score0.00263EPSS
Exploits0References5
Rows per page
Query Builder