Lucene search
K

115 matches found

OSV
OSV
added 2024/06/08 4:15 p.m.4 views

CVE-2024-35676

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in wpecommerce Recurring PayPal Donations allows Stored XSS.This issue affects Recurring PayPal Donations: from n/a through 1.7...

5.4CVSS5.8AI score0.00254EPSS
Exploits0References1
CVE
CVE
added 2024/06/08 4:5 p.m.54 views

CVE-2024-35676

CVE-2024-35676 is tied to the Recurring PayPal Donations WordPress plugin and affects versions up to 1.7. It enables Stored XSS via shortcode due to improper input neutralization during web page generation; a patch status is noted as Patched in connected sources.

6.5CVSS6.2AI score0.00254EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/06/08 4:5 p.m.25 views

CVE-2024-35676 WordPress Recurring PayPal Donations plugin <= 1.7 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in wpecommerce Recurring PayPal Donations allows Stored XSS.This issue affects Recurring PayPal Donations: from n/a through 1.7...

6.5CVSS0.00254EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/06/08 12:0 a.m.5 views

WordPress plugin Recurring PayPal Donations Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site scripting vulnerability exists in WordPre...

6.5CVSS6.1AI score0.00254EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/06/08 12:0 a.m.3 views

PT-2024-26623 · Unknown · Wpecommerce Recurring Paypal Donations

Name of the Vulnerable Software and Affected Versions: wpecommerce Recurring PayPal Donations versions n/a through 1.7 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS, which allows Stored XSS. This means that...

6.5CVSS6.2AI score0.00254EPSS
Exploits0References6
Patchstack
Patchstack
added 2024/06/05 6:55 p.m.3 views

WordPress Recurring PayPal Donations plugin <= 1.7 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by LVT-tholv2k Patchstack Alliance in WordPress Plugin Recurring PayPal Donations versions = 1.7...

6.5CVSS6.1AI score0.00254EPSS
Exploits0Affected Software1
The Hacker News
The Hacker News
added 2024/05/09 11:5 a.m.13 views

New Guide: How to Scale Your vCISO Services Profitably

Cybersecurity and compliance guidance are in high demand among SMEs. However, many of them cannot afford to hire a full-time CISO. A vCISO can answer this need by offering on-demand access to top-tier cybersecurity expertise. This is also an opportunity for MSPs and MSSPs to grow their business a...

7.1AI score
Exploits0
OSV
OSV
added 2024/01/11 9:15 a.m.4 views

CVE-2023-6583

The Import and export users and customers plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.24.2 via the Recurring Import functionality. This makes it possible for authenticated attackers, with administrator access and above, to read and delete the...

7.2CVSS5.9AI score0.00809EPSS
Exploits0References2
Prion
Prion
added 2024/01/11 9:15 a.m.20 views

Directory traversal

The Import and export users and customers plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.24.2 via the Recurring Import functionality. This makes it possible for authenticated attackers, with administrator access and above, to read and delete the...

5.8CVSS6.7AI score0.00809EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2024/01/11 12:0 a.m.7 views

PT-2024-15013 · WordPress · Import/Export Users/Customers Plugin

Name of the Vulnerable Software and Affected Versions: Import and export users and customers plugin for WordPress versions up to, and including, 1.24.2 Description: The issue allows authenticated attackers with administrator access and above to read and delete the contents of arbitrary files on t...

7.2CVSS7.3AI score0.00809EPSS
Exploits0References7
Code423n4
Code423n4
added 2023/09/06 12:0 a.m.10 views

Transfering Bonds would create confusion among delegators because of non-deletion of unbondingLocks & assigning all the new delegators the same unbounding id

Lines of code Vulnerability details transferBond function is used to transfers ownership of a bond to a new delegator using optional hints if needed. Here the old unbound lock is deleted after creating a new one in unbondWithHint function. But the problem lies in the delete operation as it does n...

6.7AI score
Exploits0
The Hacker News
The Hacker News
added 2023/07/31 10:47 a.m.34 views

Webinar: Riding the vCISO Wave: How to Provide vCISO Services

Demand for Virtual CISO services is soaring. According to Gartner, the use of vCISO services among small and mid-size businesses and non-regulated enterprises was expected to grow by a whopping 1900% in just one year, from only 1% in 2021 to 20% in 2022! Offering vCISO services can be especially...

6.7AI score
Exploits0
SUSE CVE
SUSE CVE
added 2023/05/30 2:22 a.m.3 views

SUSE CVE-2023-34151

A vulnerability was found in ImageMagick. This security flaw ouccers as an undefined behaviors of casting double to sizet in svg, mvg and other coders recurring bugs of CVE-2022-32546...

3.3CVSS6.9AI score0.01018EPSS
Exploits1References7
OSV
OSV
added 2023/05/30 12:0 a.m.34 views

CVE-2023-34151

A vulnerability was found in ImageMagick. This security flaw ouccers as an undefined behaviors of casting double to sizet in svg, mvg and other coders recurring bugs of CVE-2022-32546...

5.5CVSS7.9AI score0.01018EPSS
Exploits1References8
The Hacker News
The Hacker News
added 2023/05/03 10:58 a.m.88 views

Download the eBook: What Does it Take to be a Full-Fledged Virtual CISO?

Almost half of MSP clients fell victim to a cyberattack within the last 12 months. In the SMB world, the danger is especially acute as only 50% of SMBs have a dedicated internal IT person to take care of cybersecurity. No wonder cybercriminals are targeting SMBs so heavily. No wonder SMBs are...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2023/05/03 10:58 a.m.4 views

Download the eBook: What Does it Take to be a Full-Fledged Virtual CISO?

Almost half of MSP clients fell victim to a cyberattack within the last 12 months. In the SMB world, the danger is especially acute as only 50% of SMBs have a dedicated internal IT person to take care of cybersecurity. No wonder cybercriminals are targeting SMBs so heavily. No wonder SMBs are...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2023/04/14 7:13 a.m.24 views

Webinar: Tips from MSSPs to MSSPs – Building a Profitable vCISO Practice

In today's fast-paced and ever-changing digital landscape, businesses of all sizes face a myriad of cybersecurity threats. Putting in place the right people, technological tools and services, MSSPs are in a great position to ensure their customers' cyber resilience. The growing need of SMEs and...

6.7AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2022/09/28 2:11 p.m.175 views

What’s New in InsightVM and Nexpose: Q3 2022 in Review

Another quarter comes to a close! While we definitely had our share of summer fun, our team continued to invest in the product, releasing features and updates like recurring coverage for enterprise technologies, performance enhancements, and more. Let’s take a look at some of the key releases in...

10CVSS9.9AI score0.99999EPSS
Exploits190
OSV
OSV
added 2022/07/06 9:15 p.m.3 views

CVE-2022-27549

HCL Launch may store certain data for recurring activities in a plain text format...

5.5CVSS5.8AI score0.0015EPSS
Exploits0References1
Prion
Prion
added 2022/07/06 9:15 p.m.15 views

Format string

HCL Launch may store certain data for recurring activities in a plain text format...

2.1CVSS5.5AI score0.0015EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder