Lucene search
K

17 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-35531

Malicious code in bioql PyPI...

7.1CVSS6.5AI score0.00223EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.2 views

EUVD-2023-49330

Malicious code in bioql PyPI...

5.9CVSS6.2AI score0.00316EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:20 a.m.9 views

CVE-2023-45008

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in WPJohnny Comment Reply Email plugin = 1.0.3 versions...

5.9CVSS5.6AI score0.00316EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/04 10:14 p.m.6 views

CVE-2024-35773

Cross-Site Request Forgery CSRF vulnerability in WPJohnny, zerOneIT Comment Reply Email allows Cross-Site Scripting XSS.This issue affects Comment Reply Email: from n/a through 1.3...

7.1CVSS6.6AI score0.00223EPSS
Exploits0References1
OSV
OSV
added 2024/12/25 4:15 a.m.2 views

CVE-2024-12032

The Tourfic – Ultimate Hotel Booking, Travel Booking & Apartment Booking WordPress Plugin | WooCommerce Booking plugin for WordPress is vulnerable to SQL Injection via the 'enquiryid' parameter of the 'tfenquiryreplyemailcallback' function in all versions up to, and including, 2.15.3 due to...

6.5CVSS7.3AI score0.00514EPSS
Exploits0References3
NVD
NVD
added 2024/07/12 2:15 p.m.21 views

CVE-2024-35773

Cross-Site Request Forgery CSRF vulnerability in WPJohnny, zerOneIT Comment Reply Email allows Cross-Site Scripting XSS.This issue affects Comment Reply Email: from n/a through 1.3...

7.1CVSS0.00223EPSS
Exploits0References1
CVE
CVE
added 2024/07/12 1:31 p.m.50 views

CVE-2024-35773

CVE-2024-35773 is a CSRF-to-stored XSS vulnerability in the WPJohnny zerOneIT Comment Reply Email WordPress plugin (Comment Reply Email) affecting version 1.3 and earlier. The issue enables cross-site scripting via the comment reply email flow. Public reports in multiple sources confirm the vulne...

7.1CVSS6.8AI score0.00223EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/07/12 1:31 p.m.20 views

CVE-2024-35773 WordPress Comment Reply Email plugin <= 1.3 - CSRF to Stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in WPJohnny, zerOneIT Comment Reply Email allows Cross-Site Scripting XSS.This issue affects Comment Reply Email: from n/a through 1.3...

7.1CVSS0.00223EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/07/12 1:31 p.m.11 views

CVE-2024-35773 WordPress Comment Reply Email plugin <= 1.3 - CSRF to Stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in WPJohnny, zerOneIT Comment Reply Email allows Cross-Site Scripting XSS.This issue affects Comment Reply Email: from n/a through 1.3...

7.1CVSS6.6AI score0.00223EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/07/12 12:0 a.m.7 views

PT-2024-26728 · Wpjohnny · Comment Reply Email

Name of the Vulnerable Software and Affected Versions: Comment Reply Email versions 1.3 and earlier Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability and also allows Cross-Site Scripting XSS in WPJohnny, specifically in the zerOneIT Comment Reply Email...

7.1CVSS6.6AI score0.00223EPSS
Exploits0References3
Patchstack
Patchstack
added 2024/07/05 1:33 p.m.5 views

WordPress Comment Reply Email plugin <= 1.3 - CSRF to Stored XSS vulnerability

CSRF to Stored XSS vulnerability discovered by Masamichi Aoki Patchstack Alliance in WordPress Plugin Comment Reply Email versions = 1.3...

7.1CVSS6.2AI score0.00223EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/07/05 12:0 a.m.11 views

WordPress Comment Reply Email Plugin <= 1.3 is vulnerable to Cross Site Scripting (XSS)

Software Comment Reply Email Type Plugin Vulnerable versions = 1.3 Fixed in 1.5 OWASP Top 10 A1: Injection Classification Cross Site Scripting XSS CVE CVE-2024-35773 Patch priority Low CVSS severity Low 7.1 Developer Claim ownership PSID 8f46fb8fc4c8 Credits Masamichi Aoki Required privilege...

7.1CVSS6.6AI score0.00223EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2023/10/18 8:15 a.m.1 views

CVE-2023-45008

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in WPJohnny Comment Reply Email plugin = 1.0.3 versions...

4.8CVSS7.3AI score0.00316EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/10/18 7:53 a.m.15 views

CVE-2023-45008 WordPress Comment Reply Email Plugin <= 1.0.3 is vulnerable to Cross Site Scripting (XSS)

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in WPJohnny Comment Reply Email plugin = 1.0.3 versions...

5.9CVSS5.6AI score0.00316EPSS
Exploits0References1
CVE
CVE
added 2023/10/18 7:53 a.m.48 views

CVE-2023-45008

CVE-2023-45008 affects the WPJohnny Comment Reply Email plugin for WordPress (versions ≤ 1.0.3). The vulnerability is an authenticated (admin+) Stored Cross-Site Scripting (XSS) flaw arising from insufficient input validation/escaping in the plugin, enabling an admin or higher-privileged user to ...

5.9CVSS5.1AI score0.00316EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2023/10/18 12:0 a.m.3 views

WordPress Plugin Comment Reply Email Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A cross-site scripting vulnerability exists in WordPress...

5.9CVSS6AI score0.00316EPSS
Exploits0References2
Patchstack
Patchstack
added 2023/10/03 12:0 a.m.15 views

WordPress Comment Reply Email Plugin <= 1.0.3 is vulnerable to Cross Site Scripting (XSS)

Software Comment Reply Email Type Plugin Vulnerable versions = 1.0.3 Fixed in 1.0.4 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-45008 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID fa87fe52845c Credits Yebin Lee Required privilege...

5.9CVSS6.5AI score0.00316EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder