Lucene search
K

5 matches found

Nuclei
Nuclei
added 10 hours ago26 views

WordPress Plugin Redirect 404 to Parent 1.3.0 - Cross-Site Scripting

The settings page of the plugin did not properly sanitise the tab parameter before outputting it back, leading to a reflected Cross-Site Scripting issue. id: CVE-2021-24286 info: name: WordPress Plugin Redirect 404 to Parent 1.3.0 - Cross-Site Scripting author: r3Y3r53 severity: medium descriptio...

6.1CVSS6.4AI score0.13942EPSS
Exploits5References5
Nuclei
Nuclei
added 10 hours ago68 views

Import XML & RSS Feeds WordPress Plugin <= 2.0.1 Server-Side Request Forgery

WordPress plugin Import XML and RSS Feeds import-xml-feed plugin 2.0.1 contains a server-side request forgery SSRF vulnerability via the data parameter in a moovereadxml action. id: CVE-2020-24148 info: name: Import XML & RSS Feeds WordPress Plugin = 2.0.1 Server-Side Request Forgery author:...

9.1CVSS7AI score0.14745EPSS
Exploits1References5
Nuclei
Nuclei
added 10 hours ago105 views

WordPress Select All Categories and Taxonomies <1.3.2 - Cross-Site Scripting

WordPress Select All Categories and Taxonomies plugin before 1.3.2 contains a cross-site scripting vulnerability. The settings page of the plugin does not properly sanitize the tab parameter before outputting it back. An attacker can inject arbitrary script in the browser of an unsuspecting user ...

6.1CVSS6.5AI score0.10358EPSS
Exploits5References5
Nuclei
Nuclei
added 13 hours ago182 views

Import XML and RSS Feeds < 2.1.5 - Unauthenticated RCE

The Import XML and RSS Feeds WordPress plugin before 2.1.5 allows unauthenticated attackers to execute arbitrary commands via a web shell. id: CVE-2023-4521 info: name: Import XML and RSS Feeds 2.1.5 - Unauthenticated RCE author: princechaddha severity: critical description: The Import XML and RS...

9.8CVSS7.2AI score0.39294EPSS
Exploits2References1
GithubExploit
GithubExploit
added 2021/07/12 2:1 a.m.105 views

Exploit for Server-Side Request Forgery in Mooveagency Import_Xml_And_Rss_Feeds

CVE-2020-24148 Server-side request forgery SSRF in the Impo...

9.1CVSS9.1AI score0.14745EPSS
Exploits1
Rows per page
Query Builder