CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4 matches found

WPVulnDB•added 2024/05/16 12:0 a.m.•10 views

raindrops < 1.700 - Authenticated (Contributor+) Stored Cross-Site Scripting

Description The raindrops theme for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 1.600 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level...

6.5CVSS5.9AI score0.00313EPSS

Exploits0References1Affected Software1

Cvelist•added 2024/05/08 11:50 a.m.•16 views

CVE-2024-34414 WordPress Raindrops theme <= 1.600 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Nobita allows Stored XSS.This issue affects raindrops: from n/a through 1.600...

6.5CVSS6.9AI score0.00313EPSS

Exploits0References1

Patchstack•added 2024/05/06 8:15 p.m.•3 views

WordPress Raindrops theme <= 1.600 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by stealthcopter Patchstack Alliance in WordPress Theme raindrops versions = 1.600...

6.5CVSS6.1AI score0.00313EPSS

Exploits0Affected Software1

Patchstack•added 2024/05/06 12:0 a.m.•9 views

WordPress raindrops Theme <= 1.600 is vulnerable to Cross Site Scripting (XSS)

Software raindrops Type Theme Vulnerable versions = 1.600 Fixed in 1.700 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-34414 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID d4e3ff80bd8c Credits stealthcopter Required privilege Contributor...

6.5CVSS6.6AI score0.00313EPSS

Exploits0References2Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by