Lucene search
K

123 matches found

OSV
OSV
added 2022/11/18 11:15 p.m.4 views

CVE-2022-41135

Unauth. Plugin Settings Change vulnerability in Modula plugin = 2.6.9 on WordPress...

5.3CVSS5.8AI score0.00454EPSS
Exploits0References1
NVD
NVD
added 2022/11/18 11:15 p.m.21 views

CVE-2022-41135

Unauth. Plugin Settings Change vulnerability in Modula plugin = 2.6.9 on WordPress...

6.5CVSS0.00454EPSS
Exploits0References1
Prion
Prion
added 2022/11/18 11:15 p.m.20 views

Code injection

Unauth. Plugin Settings Change vulnerability in Modula plugin = 2.6.9 on WordPress...

5CVSS5.3AI score0.00454EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2022/11/18 10:25 p.m.60 views

CVE-2022-41135

The CVE concerns the WordPress Modula image gallery plugin. Affected versions are Modula (WordPress) up to 2.6.9 (and related entries reference 2.6.91/2.6.10 as fixed/versioning in separate sources). The vulnerability is unauthenticated (no credentials required) and allows modification of plugin ...

6.5CVSS5.4AI score0.00454EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/11/18 10:25 p.m.26 views

CVE-2022-41135 WordPress Modula plugin <= 2.6.9 - Unauth. Plugin Settings Change vulnerability

Unauth. Plugin Settings Change vulnerability in Modula plugin = 2.6.9 on WordPress...

6.5CVSS6.6AI score0.00454EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2022/11/18 10:25 p.m.9 views

CVE-2022-41135 WordPress Modula plugin <= 2.6.9 - Unauth. Plugin Settings Change vulnerability

Unauth. Plugin Settings Change vulnerability in Modula plugin = 2.6.9 on WordPress...

6.5CVSS6.4AI score0.00454EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/11/18 12:0 a.m.5 views

PT-2022-25667 · WordPress · Modula

Name of the Vulnerable Software and Affected Versions: Modula plugin versions prior to 2.6.10 Description: The issue allows unauthorized changes to plugin settings. Recommendations: For Modula plugin versions prior to 2.6.10, update to version 2.6.10 or later to resolve the issue...

6.5CVSS5.2AI score0.00454EPSS
Exploits0References3
CNNVD
CNNVD
added 2022/11/18 12:0 a.m.5 views

WordPress plugin Modula 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

6.5CVSS5.8AI score0.00454EPSS
Exploits0References2
WPVulnDB
WPVulnDB
added 2022/10/28 12:0 a.m.18 views

Modula < 2.6.91 - Unauthenticated Troubleshooting Settings Update

The plugin does not have authorisation and CSRF checks when updating its troubleshooting settings, which could allow any unauthenticated user to update them...

6.5CVSS3.2AI score0.00454EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2022/10/28 12:0 a.m.19 views

WordPress Modula plugin <= 2.6.9 - Unauth. Plugin Settings Change vulnerability

Unauth. Plugin Settings Change vulnerability discovered by Nguyen Anh Tien Patchstack Alliance in the WordPress Modula plugin versions = 2.6.9. Solution Update the WordPress Modula Image Gallery plugin to the latest available version at least 2.6.91...

6.5CVSS4.2AI score0.00454EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2022/06/14 12:0 a.m.12 views

Modula Image Gallery < 2.6.7 - Reflected Cross-Site Scripting

The plugin does not escape some URLs before outputting them back in attributes, leading to Reflected Cross-Site Scripting PoC https://example.com/wp-admin/edit.php?posttype=modula-gallery=modula-addons" Other URLs are affected...

0.6AI score
Exploits0Affected Software1
wpexploit
wpexploit
added 2022/06/14 12:0 a.m.85 views

Modula Image Gallery < 2.6.7 - Reflected Cross-Site Scripting

The plugin does not escape some URLs before outputting them back in attributes, leading to Reflected Cross-Site Scripting https://example.com/wp-admin/edit.php?posttype=modula-gallery&page=modula-addons&a"alert/XSS/ Other URLs are affected...

Exploits0
Patchstack
Patchstack
added 2022/06/06 12:0 a.m.11 views

WordPress Modula Image Gallery plugin <= 2.6.6 - Reflected Cross-Site Scripting (XSS) vulnerability

Reflected Cross-Site Scripting XSS vulnerability discovered by WPScanTeam in WordPress Modula Image Gallery plugin versions = 2.6.6. Solution Update the WordPress Modula Image Gallery plugin to the latest available version at least 2.6.7...

2.7AI score
Exploits0References1Affected Software1
OpenVAS
OpenVAS
added 2020/02/28 12:0 a.m.24 views

WordPress Modula Image Gallery Plugin < 2.2.5 XSS Vulnerability

The WordPress plugin Copyright C 2020 Greenbone Networks GmbH SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the...

5.4CVSS5.6AI score0.01042EPSS
Exploits0References3
CNVD
CNVD
added 2020/02/23 12:0 a.m.1 views

WordPress Modula Image Gallery Cross-Site Scripting Vulnerability

WordPress is the WordPress Foundation's set of blogging platform developed using the PHP language.Modula Image Gallery is used in one of the gallery gallery plugin. A cross-site scripting vulnerability exists in WordPress Modula Image Gallery versions prior to 2.2.5. The vulnerability stems from ...

5.4CVSS6.3AI score0.01042EPSS
Exploits0References1
OSV
OSV
added 2020/02/20 10:15 p.m.1 views

CVE-2020-9003

A stored XSS vulnerability exists in the Modula Image Gallery plugin before 2.2.5 for WordPress. Successful exploitation of this vulnerability would allow an authenticated low-privileged user to inject arbitrary JavaScript code that is viewed by other users...

5.4CVSS6.2AI score0.01042EPSS
Exploits0References4
NVD
NVD
added 2020/02/20 10:15 p.m.20 views

CVE-2020-9003

A stored XSS vulnerability exists in the Modula Image Gallery plugin before 2.2.5 for WordPress. Successful exploitation of this vulnerability would allow an authenticated low-privileged user to inject arbitrary JavaScript code that is viewed by other users...

5.4CVSS5.3AI score0.01042EPSS
Exploits0References4
Prion
Prion
added 2020/02/20 10:15 p.m.13 views

Cross site scripting

A stored XSS vulnerability exists in the Modula Image Gallery plugin before 2.2.5 for WordPress. Successful exploitation of this vulnerability would allow an authenticated low-privileged user to inject arbitrary JavaScript code that is viewed by other users...

3.5CVSS5.2AI score0.01042EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2020/02/20 9:52 p.m.19 views

CVE-2020-9003

A stored XSS vulnerability exists in the Modula Image Gallery plugin before 2.2.5 for WordPress. Successful exploitation of this vulnerability would allow an authenticated low-privileged user to inject arbitrary JavaScript code that is viewed by other users...

5.3AI score0.01042EPSS
Exploits0References4
CVE
CVE
added 2020/02/20 9:52 p.m.118 views

CVE-2020-9003

Summary of CVE-2020-9003 (Modula Image Gallery, WordPress) : A stored XSS vulnerability affects the WordPress Modula Image Gallery plugin, specifically versions before 2.2.5. An authenticated, low-privileged user can inject arbitrary JavaScript code that is then viewed by other users, enabling cl...

5.4CVSS5.2AI score0.01042EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder