Lucene search
K

10 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 8:15 a.m.11 views

CVE-2024-9228

The Loggedin – Limit Active Logins plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 1.3.1. This makes it possible for unauthenticated attackers to inject arbitrary web...

6.1CVSS5.6AI score0.0037EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 8:14 a.m.8 views

CVE-2024-9607

The 10Web Social Post Feed plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 1.2.9. This makes it possible for unauthenticated attackers to inject arbitrary web scripts i...

6.1CVSS5.6AI score0.00291EPSS
Exploits0References1
OSV
OSV
added 2024/10/25 7:15 a.m.6 views

CVE-2024-9607

The 10Web Social Post Feed plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 1.2.9. This makes it possible for unauthenticated attackers to inject arbitrary web scripts i...

6.1CVSS6AI score0.00291EPSS
Exploits0References2
CVE
CVE
added 2024/10/25 6:51 a.m.58 views

CVE-2024-9607

The CVE CVE-2024-9607 affects the WordPress plugin 10Web Social Post Feed (versions

6.1CVSS6.2AI score0.00291EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2024/10/25 12:0 a.m.7 views

PT-2024-39713 · 10Web · 10Web Social Post Feed

Name of the Vulnerable Software and Affected Versions: 10Web Social Post Feed plugin for WordPress versions up to, and including, 1.2.9 Description: The issue arises from the use of add query arg without proper escaping on the URL, leading to Reflected Cross-Site Scripting. This allows...

6.1CVSS6.6AI score0.00291EPSS
Exploits0References6
OSV
OSV
added 2024/10/16 2:15 a.m.3 views

CVE-2024-8541

The Discount Rules for WooCommerce – Create Smart WooCommerce Coupons & Discounts, Bulk Discount, BOGO Coupons plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 2.6.5. Th...

6.1CVSS5.8AI score0.004EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/10/15 12:0 a.m.11 views

PT-2024-39082 · WordPress · Discount Rules For Woocommerce

Name of the Vulnerable Software and Affected Versions: The Discount Rules for WooCommerce – Create Smart WooCommerce Coupons & Discounts, Bulk Discount, BOGO Coupons plugin for WordPress versions up to, and including, 2.6.5 Description: The issue is related to Reflected Cross-Site Scripting due t...

6.1CVSS6.7AI score0.004EPSS
Exploits0References10
OSV
OSV
added 2024/10/04 1:15 p.m.5 views

CVE-2024-8499

The Checkout Field Editor Checkout Manager for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘renderreviewrequestnotice’ function in all versions up to, and including, 2.0.3 due to insufficient input sanitization and output escaping. This makes it possib...

6.1CVSS5.9AI score0.00426EPSS
Exploits0References3
Patchstack
Patchstack
added 2024/10/04 1:25 a.m.4 views

WordPress Checkout Field Editor (Checkout Manager) for WooCommerce plugin <= 2.0.3 - Reflected Cross-Site Scripting via render_review_request_notice vulnerability

Reflected Cross-Site Scripting via renderreviewrequestnotice vulnerability discovered by vgo0 in WordPress Plugin Checkout Field Editor Checkout Manager for WooCommerce versions = 2.0.3...

6.1CVSS6.3AI score0.00426EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2024/10/01 9:15 a.m.5 views

CVE-2024-9228

The Loggedin – Limit Active Logins plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 1.3.1. This makes it possible for unauthenticated attackers to inject arbitrary web...

6.1CVSS6AI score0.0037EPSS
Exploits0References2
Rows per page
Query Builder