Lucene search
K

4 matches found

ATTACKERKB
ATTACKERKB
added 2026/01/22 4:52 p.m.3 views

CVE-2025-69003

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in QantumThemes KenthaRadio qt-kentharadio allows Reflected XSS.This issue affects KenthaRadio: from n/a through = 2.2.0...

7.1CVSS5.3AI score0.00186EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/01/22 12:0 a.m.8 views

PT-2026-4120

Name of the Vulnerable Software and Affected Versions QantumThemes KenthaRadio versions through 2.2.0 Description A flaw exists in QantumThemes KenthaRadio that allows for Reflected Cross-site Scripting XSS. This issue is due to improper neutralization of input during web page generation. The...

5.3AI score0.00186EPSS
Exploits0References3
Prion
Prion
added 2021/08/02 11:15 a.m.23 views

Server side request forgery (ssrf)

The OnAir2 WordPress theme before 3.9.9.2 and QT KenthaRadio WordPress plugin before 2.0.2 have exposed proxy functionality to unauthenticated users, sending requests to this proxy functionality will have the web server fetch and display the content from any URI, this would allow for SSRF Server...

7.5CVSS9.7AI score0.56614EPSS
Exploits2References1Affected Software2
CVE
CVE
added 2021/08/02 10:32 a.m.123 views

CVE-2021-24472

Affected software: OnAir2 WordPress theme before 3.9.9.2 and QT KenthaRadio WordPress plugin before 2.0.2. Root cause: exposed proxy functionality to unauthenticated users that fetches content from any URI, enabling SSRF and RFI. Impact: potential remote inclusion and server-side request forgery ...

9.8CVSS9.8AI score0.56614EPSS
Exploits2References1Affected Software2
Rows per page
Query Builder