Lucene search
K

7 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-50985

Malicious code in bioql PyPI...

4.7CVSS8.9AI score0.00316EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 8:41 a.m.7 views

CVE-2024-5713

The If-So Dynamic Content Personalization WordPress plugin before 1.8.0.4 does not escape the $SERVER'REQUESTURI' parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old web browsers...

5.4CVSS6.3AI score0.00353EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 6:59 a.m.9 views

CVE-2024-10815

The PostLists WordPress plugin through 2.0.2 does not escape the $SERVER'REQUESTURI' parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old web browsers...

4.2CVSS6.2AI score0.0027EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:44 p.m.9 views

CVE-2022-2190

The Gallery Plugin for WordPress plugin before 1.8.4.7 does not escape the $SERVER'REQUESTURI' parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old web browsers...

6.1CVSS6.3AI score0.00593EPSS
Exploits3References1
Cvelist
Cvelist
added 2024/11/12 6:0 a.m.23 views

CVE-2024-9835 RSS Feed Widget < 3.0.1 - Reflected XSS

The RSS Feed Widget WordPress plugin before 3.0.1 does not escape the $SERVER'REQUESTURI' parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old web browsers...

0.00303EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/09/12 6:0 a.m.20 views

CVE-2024-8056 MM-Breaking News <= 0.7.9 - Reflected XSS

The MM-Breaking News WordPress plugin through 0.7.9 does not escape the $SERVER'REQUESTURI' parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old web browsers...

0.00307EPSS
Exploits1References1
WPVulnDB
WPVulnDB
added 2022/08/04 12:0 a.m.12 views

Download Manager < 3.2.53 - Unauthenticated Reflected Cross-Site Scripting

The plugin does not escape the $SERVER'REQUESTURI' parameter before outputting it back in an attribute of the modal login page only available when users are not logged in, which could lead to Reflected Cross-Site Scripting in old web browsers. PoC On the modal login page from the plugin and using...

0.9AI score
Exploits0Affected Software1
Rows per page
Query Builder