Lucene search
K

8 matches found

Cvelist
Cvelist
added 2026/06/04 1:22 p.m.34 views

CVE-2019-25744 WordPress Popup Builder 3.49 Persistent Cross-Site Scripting

WordPress Popup Builder 3.49 contains a persistent cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by breaking out of option tags in the posttitle parameter. Attackers can submit crafted POST requests to the post.php endpoint with script payloads...

5.4CVSS0.00171EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2022/08/25 7:15 p.m.3 views

CVE-2022-36527

Jfinal CMS v5.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the post title text field under the publish blog module...

5.4CVSS6.3AI score0.00413EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2022/04/08 9:15 a.m.3 views

CVE-2022-27348

Social Codia SMS v1 was discovered to contain a stored cross-site scripting XSS vulnerability via addpost.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Post Title text field...

4.8CVSS6.1AI score0.01082EPSS
Exploits3References4
OSV
OSV
added 2022/04/08 9:15 a.m.3 views

CVE-2022-27348

Social Codia SMS v1 was discovered to contain a stored cross-site scripting XSS vulnerability via addpost.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Post Title text field...

4.8CVSS5.9AI score0.01082EPSS
Exploits3References3
ATTACKERKB
ATTACKERKB
added 2022/04/08 9:15 a.m.7 views

CVE-2022-27062

AeroCMS v0.0.1 was discovered to contain a stored cross-site scripting XSS vulnerability via addpost.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Post Title text field...

4.8CVSS6.1AI score0.01082EPSS
Exploits3References4
CNNVD
CNNVD
added 2022/04/08 12:0 a.m.28 views

AeroCMS 跨站脚本漏洞

AeroCMS is a content management system from AeroCMS, Inc. A cross-site scripting vulnerability exists in AeroCMS v0.0.1, which can be exploited by attackers to execute arbitrary Web script or HTML by injecting a specially crafted payload into the post title text field...

4.8CVSS5.6AI score0.01082EPSS
Exploits3References5
CNNVD
CNNVD
added 2022/04/08 12:0 a.m.3 views

Social Codia SMS 跨站脚本漏洞

Social Codia SMS is an inventory management system from Social Codia India. v1.0 of Social Codia SMS is vulnerable to a cross-site scripting vulnerability that could be exploited by attackers to execute arbitrary Web script or HTML by injecting a specially crafted payload into the post title text...

4.8CVSS5.6AI score0.01082EPSS
Exploits3References5
Patchstack
Patchstack
added 2015/05/15 12:0 a.m.13 views

WordPress Social Hashtags Plugin <= 2.0.0 - Cross Site Scripting

This plugin is prone to a cross site scripting vulnerability in new post title field. Solution Update the plugin...

0.7AI score
Exploits0References1Affected Software1
Rows per page
Query Builder