Lucene search
K

174 matches found

Patchstack
Patchstack
added 2024/10/15 10:13 a.m.5 views

WordPress Responsive Lightbox & Gallery plugin <= 2.4.8 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Robert DeVore Patchstack Alliance in WordPress Plugin Responsive Lightbox versions = 2.4.8...

5.9CVSS6.1AI score0.0025EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/10/09 10:33 a.m.3 views

WordPress CM Tooltip Glossary plugin <= 4.3.9 - Stored Cross-Site Scripting vulnerability

Stored Cross-Site Scripting vulnerability discovered by Robert DeVore Patchstack Alliance in WordPress Plugin CM Tooltip Glossary versions = 4.3.9...

6.5CVSS5.8AI score0.00262EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/09/30 11:25 a.m.5 views

WordPress Gallery Lightbox plugin <= 1.0.0.39 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Robert DeVore Patchstack Alliance in WordPress Plugin Gallery Lightbox versions = 1.0.0.39...

5.9CVSS6.1AI score0.00236EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/09/30 11:1 a.m.5 views

WordPress Search Atlas SEO plugin <= 1.8.2 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Robert DeVore Patchstack Alliance in WordPress Plugin Search Atlas SEO versions = 1.8.2...

5.9CVSS6.1AI score0.00251EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/09/25 10:43 a.m.3 views

WordPress ARI Fancy Lightbox -- Popup for WordPress plugin <= 1.3.17 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Robert DeVore Patchstack Alliance in WordPress Plugin ARI Fancy Lightbox versions = 1.3.17...

6.5CVSS6.1AI score0.00251EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/09/12 7:13 a.m.4 views

WordPress WP Meta SEO plugin <= 4.5.13 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Robert DeVore Patchstack Alliance in WordPress Plugin WP Meta SEO versions = 4.5.13...

6.5CVSS6.1AI score0.00248EPSS
Exploits0Affected Software1
Vulnrichment
Vulnrichment
added 2024/08/29 6:9 p.m.17 views

CVE-2024-43934 WordPress Collapsing Archives plugin <= 3.0.5 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Robert Felty Collapsing Archives allows Stored XSS.This issue affects Collapsing Archives: from n/a through 3.0.5...

6.5CVSS6.8AI score0.00246EPSS
Exploits0References1
CVE
CVE
added 2024/08/29 6:9 p.m.56 views

CVE-2024-43934

CVE-2024-43934 affects the Collapsing Archives WordPress plugin. It is a Stored XSS caused by improper neutralization of input during web page generation, affecting versions up to 3.0.5 (n/a to 3.0.5). Remediation: update to the patched version 3.0.5.

6.5CVSS6.2AI score0.00246EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/08/29 6:9 p.m.33 views

CVE-2024-43934 WordPress Collapsing Archives plugin <= 3.0.5 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Robert Felty Collapsing Archives allows Stored XSS.This issue affects Collapsing Archives: from n/a through 3.0.5...

6.5CVSS0.00246EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/08/29 12:0 a.m.13 views

WordPress Custom Field Template Plugin <= 2.6.5 is vulnerable to Cross Site Scripting (XSS)

Software Custom Field Template Type Plugin Vulnerable versions = 2.6.5 Fixed in 2.6.6 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-44062 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 53885cdfe965 Credits Robert DeVore Required privilege...

6.5CVSS6.6AI score0.00263EPSS
Exploits0References2Affected Software1
OpenVAS
OpenVAS
added 2024/02/29 12:0 a.m.36 views

Ubuntu: Security Advisory (USN-6653-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7AI score0.01999EPSS
Exploits0References2
HackRead
HackRead
added 2024/02/18 7:46 p.m.10 views

Hackers Claim Data Breach at Staffing Giant Robert Half, Sell Sensitive Data

By Waqas Deja vu at Robert Half? Notorious hackers claim responsibility as the staffing giant makes headlines for yet another alleged data breach in two years. This is a post from HackRead.com Read the original post: Hackers Claim Data Breach at Staffing Giant Robert Half, Sell Sensitive Data...

7.3AI score
Exploits0
NVD
NVD
added 2023/11/18 10:15 p.m.24 views

CVE-2023-47651

Cross-Site Request Forgery CSRF vulnerability in Robert Macchi WP Links Page.This issue affects WP Links Page: from n/a through 4.9.4...

8.8CVSS0.00288EPSS
Exploits0References1
Prion
Prion
added 2023/11/18 10:15 p.m.21 views

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in Robert Macchi WP Links Page.This issue affects WP Links Page: from n/a through 4.9.4...

6.8CVSS7.2AI score0.00288EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/11/18 9:17 p.m.88 views

CVE-2023-47651

CVE-2023-47651 affects the WordPress WP Links Page plugin (versions up to 4.9.4). The vulnerability is a Cross-Site Request Forgery (CSRF) in the wplf_ajax_update_screenshots action that could be exploited by an unauthenticated attacker to forge requests. The issue is fixed in version 4.9.5. The ...

8.8CVSS8AI score0.00288EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/11/18 9:17 p.m.22 views

CVE-2023-47651 WordPress WP Links Page Plugin <= 4.9.4 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in Robert Macchi WP Links Page.This issue affects WP Links Page: from n/a through 4.9.4...

4.3CVSS8.9AI score0.00288EPSS
Exploits0References1
Openbugbounty
Openbugbounty
added 2023/11/13 11:52 p.m.3 views

robert-portisch.de Improper Access Control vulnerability OBB-3780140

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.9AI score
Exploits0
OSV
OSV
added 2023/11/12 3:51 p.m.28 views

GHSA-M2WJ-R6G3-FXFX Symfony possible session fixation vulnerability

Description SessionStrategyListener does not always migrate the session after a successful login. It only migrate the session when the logged-in user identifier changes. In some use cases, the user identifier doesn't change between the verification phase and the successful login, while the token...

6.5CVSS6.2AI score0.00689EPSS
Exploits0References7
Github Security Blog
Github Security Blog
added 2023/11/12 3:51 p.m.42 views

Symfony possible session fixation vulnerability

Description SessionStrategyListener does not always migrate the session after a successful login. It only migrate the session when the logged-in user identifier changes. In some use cases, the user identifier doesn't change between the verification phase and the successful login, while the token...

6.5CVSS6.9AI score0.00689EPSS
Exploits0References7Affected Software2
NVD
NVD
added 2023/11/10 2:15 p.m.21 views

CVE-2023-29426

Cross-Site Request Forgery CSRF vulnerability in Robert Schulz sprd.Net AG Spreadshop plugin = 1.6.5 versions...

8.8CVSS0.00312EPSS
Exploits0References1
Rows per page
Query Builder