Lucene search
+L

7 matches found

NVD
NVD
added 2026/07/08 6:16 a.m.9 views

CVE-2026-9731

The Wp Js Detect plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.9. This is due to missing or incorrect nonce validation on the pluginsettings function. This makes it possible for unauthenticated attackers to update the plugin's...

4.3CVSS0.00128EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/07/08 5:34 a.m.33 views

CVE-2026-9731 Wp Js Detect <= 1.0.9 - Cross-Site Request Forgery to Plugin Settings Update

The Wp Js Detect plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.9. This is due to missing or incorrect nonce validation on the pluginsettings function. This makes it possible for unauthenticated attackers to update the plugin's...

4.3CVSS0.00128EPSS
Exploits0References5
EUVD
EUVD
added 2026/07/08 5:34 a.m.7 views

EUVD-2026-42173

The Wp Js Detect plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.9. This is due to missing or incorrect nonce validation on the pluginsettings function. This makes it possible for unauthenticated attackers to update the plugin's...

4.3CVSS5.9AI score0.00128EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/07/08 12:0 a.m.15 views

PT-2026-56327

Name of the Vulnerable Software and Affected Versions Wp Js Detect versions prior to 1.1.0 Description The plugin is susceptible to Cross-Site Request Forgery CSRF, a flaw where an attacker tricks a victim into performing actions they did not intend to do. This occurs due to missing or incorrect...

4.3CVSS5.3AI score0.00128EPSS
Exploits0References10
CNNVD
CNNVD
added 2026/04/24 12:0 a.m.12 views

Xibo 跨站脚本漏洞

Xibo is a digital signage content management tool developed by Dan Garner. Versions of Xibo prior to 4.4.1 contained a cross-site scripting vulnerability. This vulnerability stemmed from stored-cross-site scripting in the notification text, which could allow authorized users to automatically...

6.4CVSS5.7AI score0.00141EPSS
Exploits0References1
OSV
OSV
added 2022/05/14 3:15 a.m.4 views

GHSA-H7G4-65MF-6MXH Cross-site Scripting in Graylog Server

Graylog before v2.4.4 has an XSS security issue with unescaped text in notifications, related to toastr and util/UserNotification.js...

6.1CVSS5.9AI score0.00848EPSS
Exploits0References4
CNNVD
CNNVD
added 2021/06/28 12:0 a.m.5 views

LimeSurvey 跨站脚本漏洞

LimeSurvey formerly known as PHPSurveyor is an open source online survey program from the Limesurvey team that supports survey program development, survey posting, and data collection. A cross-site scripting vulnerability exists in LimeSurvey 4.2.5 that originates in the text boxes of the...

5.4CVSS5.3AI score0.00552EPSS
Exploits0References1
Rows per page
Query Builder