Lucene search
K

25 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-32771

Malicious code in bioql PyPI...

5.9CVSS6.4AI score0.00369EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:38 a.m.10 views

CVE-2024-4856

The FS Product Inquiry WordPress plugin through 1.1.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin or unauthenticated users...

8.2CVSS6.2AI score0.00478EPSS
Exploits2References1
Patchstack
Patchstack
added 2024/06/04 6:37 a.m.4 views

WordPress FS Product Inquiry plugin <= 1.1.1 - Unauthenticated Stored XSS vulnerability

Unauthenticated Stored XSS vulnerability discovered by Bob Matyas in WordPress Plugin FS Product Inquiry versions = 1.1.1...

6.1CVSS6.1AI score0.00408EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
added 2024/06/04 6:36 a.m.4 views

WordPress FS Product Inquiry plugin <= 1.1.1 - Reflected XSS vulnerability

Reflected XSS vulnerability discovered by Bob Matyas in WordPress Plugin FS Product Inquiry versions = 1.1.1...

8.2CVSS6.4AI score0.00478EPSS
Exploits2References1Affected Software1
OSV
OSV
added 2024/06/04 6:15 a.m.7 views

CVE-2024-4856

The FS Product Inquiry WordPress plugin through 1.1.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin or unauthenticated users...

8.2CVSS5.8AI score0.00478EPSS
Exploits2References1
NVD
NVD
added 2024/06/04 6:15 a.m.14 views

CVE-2024-4856

The FS Product Inquiry WordPress plugin through 1.1.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin or unauthenticated users...

8.2CVSS8.7AI score0.00478EPSS
Exploits2References1
OSV
OSV
added 2024/06/04 6:15 a.m.2 views

CVE-2024-4857

The FS Product Inquiry WordPress plugin through 1.1.1 does not sanitise and escape some form submissions, which could allow unauthenticated users to perform Stored Cross-Site Scripting attacks...

6.1CVSS5.8AI score
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/06/04 6:0 a.m.16 views

CVE-2024-4857 FS Product Inquiry <= 1.1.1 - Unauthenticated Stored XSS

The FS Product Inquiry WordPress plugin through 1.1.1 does not sanitise and escape some form submissions, which could allow unauthenticated users to perform Stored Cross-Site Scripting attacks...

6AI score0.00408EPSS
Exploits2References1
Cvelist
Cvelist
added 2024/06/04 6:0 a.m.25 views

CVE-2024-4857 FS Product Inquiry <= 1.1.1 - Unauthenticated Stored XSS

The FS Product Inquiry WordPress plugin through 1.1.1 does not sanitise and escape some form submissions, which could allow unauthenticated users to perform Stored Cross-Site Scripting attacks...

8.2AI score0.00408EPSS
Exploits2References1
Patchstack
Patchstack
added 2024/06/04 12:0 a.m.10 views

WordPress FS Product Inquiry Plugin <= 1.1.1 is vulnerable to Cross Site Scripting (XSS)

Software FS Product Inquiry Type Plugin Vulnerable versions = 1.1.1 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-4857 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID d08a96986e4a Credits Bob Matyas Requir...

5.6AI score0.00408EPSS
Exploits2References4Affected Software1
Patchstack
Patchstack
added 2024/06/04 12:0 a.m.9 views

WordPress FS Product Inquiry Plugin <= 1.1.1 is vulnerable to Cross Site Scripting (XSS)

Software FS Product Inquiry Type Plugin Vulnerable versions = 1.1.1 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-4856 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 989359976d53 Credits Bob Matyas Requir...

5.6AI score0.00478EPSS
Exploits2References4Affected Software1
Positive Technologies
Positive Technologies
added 2024/06/03 12:0 a.m.5 views

PT-2024-33147 · WordPress · Fs Product Inquiry Wordpress Plugin

Name of the Vulnerable Software and Affected Versions: FS Product Inquiry WordPress plugin versions 1.1.1 and earlier Description: The issue is related to a Reflected Cross-Site Scripting problem, where a parameter is not properly sanitised and escaped before being outputted back in the page. Thi...

8.2CVSS5.7AI score0.00478EPSS
Exploits2References5
Positive Technologies
Positive Technologies
added 2024/06/03 12:0 a.m.4 views

PT-2024-33149 · WordPress · Fs Product Inquiry

Name of the Vulnerable Software and Affected Versions: FS Product Inquiry WordPress plugin versions 1.1.1 and earlier Description: The issue allows unauthenticated users to perform Stored Cross-Site Scripting attacks due to the plugin not sanitizing and escaping some form submissions...

6.1CVSS5.7AI score0.00408EPSS
Exploits2References5
wpexploit
wpexploit
added 2024/05/14 12:0 a.m.164 views

FS Product Inquiry <= 1.1.1 - Unauthenticated Stored XSS

Description The plugin does not sanitise and escape some form submissions, which could allow unauthenticated users to perform Stored Cross-Site Scripting attacks 1. Add an inquiry form using the shortcode fspi-show-products-list 2. As a non-logged in visitor, enter the payload "...

8.3AI score0.00408EPSS
Exploits2
OSV
OSV
added 2024/01/22 8:15 p.m.2 views

CVE-2023-6625

The Product Enquiry for WooCommerce WordPress plugin before 3.1 does not have a CSRF check in place when deleting inquiries, which could allow attackers to make a logged in admin delete them via a CSRF attack...

4.3CVSS5.8AI score0.00203EPSS
Exploits2References1
CNVD
CNVD
added 2018/12/25 12:0 a.m.2 views

WSTMart Product Inquiry Component Cross-Site Scripting Vulnerability

WSTMart is a set of e-commerce system of Guangzhou Shangtao Information Technology Co. A cross-site scripting vulnerability exists in the product consultation component of WSTMart version 2.0.8181212, which can be exploited by remote attackers to inject arbitrary Web script or HTML with the help ...

6.1CVSS6.1AI score0.00707EPSS
Exploits5References1
Cisco Threats
Cisco Threats
added 2018/06/22 1:39 p.m.11 views

Threat Outbreak Alert RuleID33039: Email Messages Distributing Malicious Software on June 22, 2018

Medium Alert ID: 58273 First Published: 2018 June 22 13:39 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID33039 may contain the following files: Name | Siz...

Exploits0
Cisco Threats
Cisco Threats
added 2017/06/26 7:20 p.m.10 views

Threat Outbreak Alert RuleID29585: Email Messages Distributing Malicious Software on June 26, 2017

Medium Alert ID: 54315 First Published: 2017 June 26 19:20 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID29585 may contain the following files: Name | Siz...

Exploits0
Cisco Threats
Cisco Threats
added 2014/09/16 12:42 p.m.5 views

Threat Outbreak Alert RuleID11569: Email Messages Distributing Malicious Software on September 15, 2014

Medium Alert ID: 35726 First Published: 2014 September 16 12:42 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID11569 may contain the following files: Name ...

Exploits0
Cisco Threats
Cisco Threats
added 2014/05/29 1:16 p.m.10 views

Threat Outbreak Alert: Fake Payment Information Email Messages on May 29, 2014

Medium Alert ID: 34409 First Published: 2014 May 29 13:16 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain a product inquiry notification for the recipient. The text in the email message attempts to convince the recipient...

6.9AI score
Exploits0
Rows per page
Query Builder