Lucene search
K

9 matches found

Patchstack
Patchstack
added 2026/03/30 9:46 a.m.4 views

WordPress FloristPress for Woo plugin <= 7.8.2 - Reflected Cross-Site Scripting via 'noresults' Parameter vulnerability

Reflected Cross-Site Scripting via 'noresults' Parameter vulnerability discovered by Athiwat Tiprasaharn Jitlada in WordPress Plugin FloristPress versions = 7.8.2...

6.1CVSS5.9AI score0.0027EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2026/03/27 4:59 a.m.5 views

CVE-2026-1986

The FloristPress for Woo – Customize your eCommerce store for your Florist plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'noresults' parameter in all versions up to, and including, 7.8.2 due to insufficient input sanitization and output escaping on the user supplied...

6.1CVSS6AI score0.0027EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/26 6:30 a.m.4 views

EUVD-2026-16084

The FloristPress for Woo – Customize your eCommerce store for your Florist plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'noresults' parameter in all versions up to, and including, 7.8.2 due to insufficient input sanitization and output escaping on the user supplied...

6.1CVSS6AI score0.0027EPSS
Exploits0References5
NVD
NVD
added 2026/03/26 4:17 a.m.6 views

CVE-2026-1986

The FloristPress for Woo – Customize your eCommerce store for your Florist plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'noresults' parameter in all versions up to, and including, 7.8.2 due to insufficient input sanitization and output escaping on the user supplied...

6.1CVSS0.0027EPSS
Exploits0References4
CVE
CVE
added 2026/03/26 2:25 a.m.15 views

CVE-2026-1986

The CVE concerns FloristPress for Woo – Florist plugin for WordPress. A Reflected Cross-Site Scripting vulnerability exists in all versions up to 7.8.2, caused by insufficient input sanitization and output escaping of the user-supplied noresults parameter. This can allow unauthenticated attackers...

6.1CVSS6AI score0.0027EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/03/26 2:25 a.m.2 views

CVE-2026-1986

The FloristPress for Woo – Customize your eCommerce store for your Florist plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'noresults' parameter in all versions up to, and including, 7.8.2 due to insufficient input sanitization and output escaping on the user supplied...

6.1CVSS6AI score0.0027EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/03/26 2:25 a.m.2 views

CVE-2026-1986 FloristPress for Woo <= 7.8.2 - Reflected Cross-Site Scripting via 'noresults' Parameter

The FloristPress for Woo – Customize your eCommerce store for your Florist plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'noresults' parameter in all versions up to, and including, 7.8.2 due to insufficient input sanitization and output escaping on the user supplied...

6.1CVSS6AI score0.0027EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/03/26 2:25 a.m.34 views

CVE-2026-1986 FloristPress for Woo <= 7.8.2 - Reflected Cross-Site Scripting via 'noresults' Parameter

The FloristPress for Woo – Customize your eCommerce store for your Florist plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'noresults' parameter in all versions up to, and including, 7.8.2 due to insufficient input sanitization and output escaping on the user supplied...

6.1CVSS0.0027EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/03/26 12:0 a.m.9 views

PT-2026-28192

The FloristPress for Woo – Customize your eCommerce store for your Florist plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'noresults' parameter in all versions up to, and including, 7.8.2 due to insufficient input sanitization and output escaping on the user supplied...

6.1CVSS6AI score0.0027EPSS
Exploits0References5
Rows per page
Query Builder