Lucene search
K

90 matches found

OSV
OSV
added 2023/08/30 3:15 p.m.4 views

CVE-2023-3992

The PostX WordPress plugin before 3.0.6 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

6.1CVSS5.8AI score0.00427EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2023/08/30 2:22 p.m.8 views

CVE-2023-3992 PostX - Gutenberg Post Grid Blocks < 3.0.6 - Reflected Cross-Site Scripting

The PostX WordPress plugin before 3.0.6 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

6AI score0.00427EPSS
Exploits2References1
CNNVD
CNNVD
added 2023/08/30 12:0 a.m.4 views

WordPress plugin PostX 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blog sites on servers running PHP and MySQL. A cross-site scripting vulnerability exists...

6.1CVSS6.8AI score0.00427EPSS
Exploits2References2
Patchstack
Patchstack
added 2023/08/02 12:0 a.m.9 views

WordPress PostX Plugin <= 3.0.5 is vulnerable to Cross Site Scripting (XSS)

Software PostX Type Plugin Vulnerable versions = 3.0.5 Fixed in 3.0.6 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-3992 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID c90860a27d52 Credits Bob Matyas Required privileg...

6.1CVSS5.6AI score0.00427EPSS
Exploits2References3Affected Software1
Prion
Prion
added 2023/07/25 2:15 p.m.21 views

Cross site scripting

Unauth. Reflected Cross-Site Scripting XSS vulnerability in wpxpo PostX – Gutenberg Post Grid Blocks plugin = 2.9.9 versions...

5.8CVSS6AI score0.00402EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2023/06/23 12:0 a.m.13 views

WordPress PostX Plugin <= 2.9.9 is vulnerable to Cross Site Scripting (XSS)

Software PostX Type Plugin Vulnerable versions = 2.9.9 Fixed in 2.9.10 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-36385 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 34333ee198ac Credits Le Ngoc Anh Required...

7.1CVSS5.6AI score0.00402EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2021/09/27 4:15 p.m.8 views

CVE-2021-24661

The PostX – Gutenberg Blocks for Post Grid WordPress plugin before 2.4.10, with Saved Templates Addon enabled, allows users with Contributor roles or higher to read password-protected or private post contents the user is otherwise unable to read, given the post ID...

4.3CVSS5.8AI score0.00739EPSS
Exploits1References1
OSV
OSV
added 2021/09/27 4:15 p.m.4 views

CVE-2021-24660

The PostX – Gutenberg Blocks for Post Grid WordPress plugin before 2.4.10, with Saved Templates Addon enabled, allows users with a role as low as Contributor to perform Stored Cross-Site Scripting attacks via the plugin's shortcode...

5.4CVSS5.8AI score0.00517EPSS
Exploits1References1
OSV
OSV
added 2021/09/27 4:15 p.m.4 views

CVE-2021-24659

The PostX – Gutenberg Blocks for Post Grid WordPress plugin before 2.4.10 allows users with a role as low as Contributor to perform Stored Cross-Site Scripting attacks via the plugin's block...

5.4CVSS5.8AI score0.0053EPSS
Exploits1References1
Prion
Prion
added 2021/09/27 4:15 p.m.15 views

Default credentials

The PostX – Gutenberg Blocks for Post Grid WordPress plugin before 2.4.10, with Saved Templates Addon enabled, allows users with Contributor roles or higher to read password-protected or private post contents the user is otherwise unable to read, given the post ID...

3.5CVSS4.6AI score0.00739EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder