Lucene search
K

330 matches found

OSV
OSV
added 2023/05/28 6:15 p.m.4 views

CVE-2023-33309

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Awesome Motive Duplicator Pro plugin = 4.5.11 versions...

6.1CVSS6.8AI score0.00382EPSS
Exploits0References1
CVE
CVE
added 2023/05/28 5:36 p.m.61 views

CVE-2023-33309

CVE-2023-33309 refers to an unauthenticated, reflected XSS in the Duplicator Pro WordPress plugin up to version 4.5.11. The vulnerability is triggered via input that is reflected in the plugin’s response, enabling potentially injected script execution in a victim’s browser. Public sources in the ...

7.1CVSS6AI score0.00382EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/05/28 5:36 p.m.33 views

CVE-2023-33309 WordPress Duplicator Pro Plugin <= 4.5.11 is vulnerable to Cross Site Scripting (XSS)

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Awesome Motive Duplicator Pro plugin = 4.5.11 versions...

7.1CVSS6.3AI score0.00382EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/05/28 12:0 a.m.6 views

WordPress plugin Duplicator Pro 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

7.1CVSS6.8AI score0.00382EPSS
Exploits0References2
Patchstack
Patchstack
added 2023/05/15 12:0 a.m.12 views

WordPress Essential Addons for Elementor Pro Plugin <= 5.4.8 is vulnerable to Cross Site Scripting (XSS)

Software Essential Addons for Elementor Pro Type Plugin Vulnerable versions = 5.4.8 Fixed in 5.4.9 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-32241 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 5e9e79ec6617 Credit...

7.1CVSS5.7AI score0.00371EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/04/12 2:41 p.m.30 views

CVE-2022-47605 WordPress Custom 404 Pro Plugin <= 3.7.0 is vulnerable to SQL Injection (SQLi)

Auth. SQL Injection' vulnerability in Kunal Nagar Custom 404 Pro plugin = 3.7.0 versions...

6.4CVSS8.7AI score0.00668EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/04/12 2:41 p.m.11 views

CVE-2022-47605 WordPress Custom 404 Pro Plugin <= 3.7.0 is vulnerable to SQL Injection (SQLi)

Auth. SQL Injection' vulnerability in Kunal Nagar Custom 404 Pro plugin = 3.7.0 versions...

6.4CVSS8.5AI score0.00668EPSS
Exploits0References1
CVE
CVE
added 2023/04/12 2:41 p.m.37 views

CVE-2022-47605

CVE-2022-47605 concerns the WordPress plugin Custom 404 Pro by Kunal Nagar. A SQL Injection vulnerability affects versions

7.2CVSS7.6AI score0.00668EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2023/03/29 12:0 a.m.13 views

WordPress HappyFiles Pro Plugin <= 1.8.1 is vulnerable to Broken Access Control

Software HappyFiles Pro Type Plugin Vulnerable versions = 1.8.1 Fixed in 1.8.2 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-25445 Patch priority Medium CVSS severity Medium 5.4 Developer Claim ownership PSID 518a5cea4b57 Credits Dave Jong Patchstack...

6.6AI score0.0021EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2023/03/28 12:0 a.m.22 views

WordPress real-estate-pro Plugin < 1.7.1 is vulnerable to Privilege Escalation

Software real-estate-pro Type Plugin Vulnerable versions 1.7.1 Fixed in 1.7.1 OWASP Top 10 A5: Broken Access Control Classification Privilege Escalation CVE CVE-2020-36666 Patch priority High CVSS severity High 8.8 Developer Claim ownership PSID a8f610e7b2fc Credits Omar Badran Required privilege...

8.8CVSS6.4AI score0.00905EPSS
Exploits2References3Affected Software1
CNNVD
CNNVD
added 2023/03/27 12:0 a.m.6 views

WordPress plugin directory-pro 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

8.8CVSS8.2AI score0.00905EPSS
Exploits2References3
OSV
OSV
added 2022/12/28 12:15 p.m.14 views

CVE-2018-25055

A vulnerability was found in FarCry Solr Pro Plugin up to 1.5.x. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file packages/forms/solrProSearch.cfc of the component Search Handler. The manipulation of the argument suggestion leads to cross...

6.1CVSS6.2AI score
Exploits0References5
Cvelist
Cvelist
added 2022/12/28 11:26 a.m.26 views

CVE-2018-25055 FarCry Solr Pro Plugin Search solrProSearch.cfc cross site scripting

A vulnerability was found in FarCry Solr Pro Plugin up to 1.5.x. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file packages/forms/solrProSearch.cfc of the component Search Handler. The manipulation of the argument suggestion leads to cross...

3.5CVSS6AI score0.0063EPSS
Exploits1References5
CVE
CVE
added 2022/12/28 11:26 a.m.57 views

CVE-2018-25055

CVE-2018-25055 concerns FarCry Solr Pro Plugin (up to 1.5.x). The vulnerability lies in the Search Handler’s packages/forms/solrProSearch.cfc and the manipulation of the suggest ion argument, which enables cross-site scripting. It can be exploited remotely. Upgrading to version 1.6.0 addresses th...

6.1CVSS4.8AI score0.0063EPSS
Exploits1References5Affected Software1
OSV
OSV
added 2022/12/26 1:15 p.m.4 views

CVE-2022-4161

The Contest Gallery WordPress plugin before 19.1.5.1, Contest Gallery Pro WordPress plugin before 19.1.5.1 do not escape the cgcopystart POST parameter before concatenating it to an SQL query in copy-gallery-images.php. This may allow malicious users with at least author privilege to leak sensiti...

6.5CVSS5.8AI score0.00854EPSS
Exploits2References2
Positive Technologies
Positive Technologies
added 2022/12/26 12:0 a.m.8 views

PT-2022-25944 · WordPress · Contest Gallery Pro +1

Name of the Vulnerable Software and Affected Versions: Contest Gallery WordPress plugin versions prior to 19.1.5.1 Contest Gallery Pro WordPress plugin versions prior to 19.1.5.1 Description: The issue arises from the failure to escape the cg option id POST parameter before it is concatenated to ...

4.9CVSS5.1AI score0.00883EPSS
Exploits2References6
OSV
OSV
added 2022/12/12 6:15 p.m.3 views

CVE-2022-3900

The Cooked Pro WordPress plugin before 1.7.5.7 does not properly validate or sanitize the recipeargs parameter before unserializing it in the cookedloadmore action, allowing an unauthenticated attacker to trigger a PHP Object injection vulnerability...

9.8CVSS5.8AI score0.18966EPSS
Exploits2References1
Cvelist
Cvelist
added 2022/11/23 12:0 a.m.33 views

CVE-2022-35501

Stored Cross-site Scripting XSS exists in the Amasty Blog Pro 2.10.3 and 2.10.4 plugin for Magento 2 because of the duplicate post function...

5.5AI score0.00495EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/11/14 12:0 a.m.8 views

PT-2022-22793

Name of the Vulnerable Software and Affected Versions Testimonials WordPress plugin versions prior to 2.7 super-testimonial-pro WordPress plugin versions prior to 1.0.8 Description The issue allows high privilege users, such as admins, to perform cross-Site Scripting attacks, even when the...

4.8CVSS4.7AI score0.00501EPSS
Exploits1References6
Cvelist
Cvelist
added 2022/11/08 6:33 p.m.31 views

CVE-2022-42494 WordPress All in One SEO Pro plugin <= 4.2.5.1 - Server Side Request Forgery (SSRF) vulnerability

Server Side Request Forgery SSRF vulnerability in All in One SEO Pro plugin = 4.2.5.1 on WordPress...

3CVSS6.7AI score0.00553EPSS
Exploits0References2
Rows per page
Query Builder