Lucene search
+L

74 matches found

redhatcve
redhatcve
added 2025/05/23 1:43 a.m.9 views

CVE-2023-46824

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Om Ak Solutions Slick Popup: Contact Form 7 Popup Plugin plugin = 1.7.14 versions...

5.9CVSS5.1AI score0.00336EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/22 12:19 p.m.11 views

CVE-2012-5553

Multiple cross-site scripting XSS vulnerabilities in the OM Maximenu module 6.x-1.x before 6.x-1.44 and 7.x-1.x before 7.x-1.44 for Drupal allow remote authenticated users with the "administer OM Maximenu" permission to inject arbitrary web script or HTML via the 1 Menu Title 2 Link Title, 3 Path...

2.1CVSS5.5AI score0.00941EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/22 3:51 a.m.12 views

CVE-2012-6065

The OM Maximenu module 6.x-1.43 and earlier for Drupal, when the "Title has PHP" option is enabled, allows remote authenticated users with the "Administer OM Maximenu" permission to execute arbitrary PHP code via a "Link Title," a different vulnerability than CVE-2012-5553...

4.6CVSS7.5AI score0.0105EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/02/28 6:24 a.m.8 views

CVE-2024-13631

The Om Stripe WordPress plugin through 02.00.00 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

7.1CVSS6AI score0.00324EPSS
Exploits1References1
patchstack
patchstack
added 2025/02/26 10:15 p.m.5 views

WordPress OM Stripe plugin <= 02.00.00 - Reflected XSS vulnerability

Reflected XSS vulnerability discovered by Hassan Khan Yusufzai - Splint3r7 in WordPress Plugin Om Stripe versions = 02.00.00...

7.1CVSS6.4AI score0.00324EPSS
Exploits1References1Affected Software1
osv
osv
added 2025/02/26 1:15 p.m.4 views

CVE-2024-13631

The Om Stripe WordPress plugin through 02.00.00 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

7.1CVSS5.8AI score0.00324EPSS
Exploits1References1
nvd
nvd
added 2025/02/26 1:15 p.m.8 views

CVE-2024-13631

The Om Stripe WordPress plugin through 02.00.00 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

7.1CVSS0.00324EPSS
Exploits1References1
cve
cve
added 2025/02/26 6:0 a.m.61 views

CVE-2024-13631

CVE-2024-13631 affects the Om Stripe WordPress plugin (versions up to 02.00.00). The issue is a Reflected Cross-Site Scripting (XSS) caused by insufficient sanitisation/escaping of a parameter before echoing it on the page. Impact is described as potential abuse against high-privilege users such ...

7.1CVSS6.4AI score0.00324EPSS
Exploits1References1Affected Software1
vulnrichment
vulnrichment
added 2025/02/26 6:0 a.m.7 views

CVE-2024-13631 OM Stripe <= 02.00.00 - Reflected XSS

The Om Stripe WordPress plugin through 02.00.00 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

6.5AI score0.00324EPSS
Exploits1References1
cvelist
cvelist
added 2025/02/26 6:0 a.m.22 views

CVE-2024-13631 OM Stripe <= 02.00.00 - Reflected XSS

The Om Stripe WordPress plugin through 02.00.00 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

0.00324EPSS
Exploits1References1
cnnvd
cnnvd
added 2025/02/26 12:0 a.m.4 views

WordPress plugin Om Stripe 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

7.1CVSS8.9AI score0.00324EPSS
Exploits1References2
ptsecurity
ptsecurity
added 2025/02/26 12:0 a.m.7 views

PT-2025-8678 · WordPress · Om Stripe Wordpress Plugin

Name of the Vulnerable Software and Affected Versions: Om Stripe WordPress plugin versions through 02.00.00 Description: The issue is related to a Reflected Cross-Site Scripting problem, where a parameter is not properly sanitised and escaped before being outputted back in the page. This could be...

7.1CVSS8.8AI score0.00324EPSS
Exploits1References4
cnnvd
cnnvd
added 2024/03/15 12:0 a.m.2 views

Healthcare-Chatbot Security Vulnerability

Healthcare-Chatbot is a healthcare chatbot by Om Rajpurkar Personal Developer. A security vulnerability exists in Healthcare-Chatbot version 9b7058a and prior versions. An attacker could exploit this vulnerability to perform cross-site scripting attacks...

5.4CVSS6.1AI score0.00354EPSS
Exploits0References3
github
github
added 2023/11/07 11:44 p.m.26 views

rusty_paseto vulnerable to private key extraction due to ed25519-dalek dependency

Impact The vulnerability, known as RUSTSEC-2022-0093, impacts the ed25519-dalek crate, which is a dependency of the rusty-paseto crate. This issue arises from a "Double Public Key Signing Function Oracle Attack" affecting versions of ed25519-dalek prior to v2.0. These versions expose an unsafe AP...

6.5AI score
Exploits0References5Affected Software1
osv
osv
added 2023/11/06 10:15 a.m.5 views

CVE-2023-46824

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Om Ak Solutions Slick Popup: Contact Form 7 Popup Plugin plugin = 1.7.14 versions...

4.8CVSS5.8AI score0.00336EPSS
Exploits0References1
nvd
nvd
added 2023/11/06 10:15 a.m.32 views

CVE-2023-46824

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Om Ak Solutions Slick Popup: Contact Form 7 Popup Plugin plugin = 1.7.14 versions...

5.9CVSS4.9AI score0.00336EPSS
Exploits0References1
cve
cve
added 2023/11/06 9:43 a.m.95 views

CVE-2023-46824

Slick Popup: Contact Form 7 Popup Plugin for WordPress (plugin

5.9CVSS4.8AI score0.00336EPSS
Exploits0References1Affected Software1
vulnrichment
vulnrichment
added 2023/11/06 9:43 a.m.13 views

CVE-2023-46824 WordPress Slick Popup Plugin <= 1.7.14 is vulnerable to Cross Site Scripting (XSS)

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Om Ak Solutions Slick Popup: Contact Form 7 Popup Plugin plugin = 1.7.14 versions...

5.9CVSS5.6AI score0.00336EPSS
Exploits0References1
cvelist
cvelist
added 2023/11/06 9:43 a.m.30 views

CVE-2023-46824 WordPress Slick Popup Plugin <= 1.7.14 is vulnerable to Cross Site Scripting (XSS)

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Om Ak Solutions Slick Popup: Contact Form 7 Popup Plugin plugin = 1.7.14 versions...

5.9CVSS5.1AI score0.00336EPSS
Exploits0References1
openbugbounty
openbugbounty
added 2023/05/30 1:43 a.m.11 views

om-trader.com Cross Site Scripting vulnerability OBB-3367930

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.1AI score
Exploits0
Rows per page
Query Builder