Lucene search
K

4 matches found

NVD
NVD
added 2026/03/11 12:15 p.m.5 views

CVE-2026-3178

The Name Directory plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'namedirectoryname' parameter in all versions up to, and including, 1.32.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...

7.2CVSS0.00255EPSS
Exploits0References5
CVE
CVE
added 2026/03/11 11:9 a.m.9 views

CVE-2026-3178

The CVE concerns the WordPress Name Directory plugin (affected: all versions up to 1.32.1) and a Stored XSS via the name_directory_name parameter. The vulnerability stems from insufficient input sanitization and output escaping, allowing unauthenticated attackers to inject scripts into pages that...

7.2CVSS5.9AI score0.00255EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/01/15 6:21 a.m.4 views

CVE-2025-15283

The Name Directory plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'namedirectoryname' and 'namedirectorydescription' parameters in all versions up to, and including, 1.30.3 due to insufficient input sanitization and output escaping. This makes it possible for...

7.2CVSS5.1AI score0.00325EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/01/14 12:0 a.m.10 views

PT-2026-2823

Name of the Vulnerable Software and Affected Versions Name Directory plugin for WordPress versions through 1.30.3 Description The Name Directory plugin for WordPress is susceptible to Stored Cross-Site Scripting. This is due to insufficient input sanitization and output escaping in the name...

7.2CVSS5.5AI score0.00325EPSS
Exploits0References7
Rows per page
Query Builder