Lucene search
K

10 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.2 views

EUVD-2023-12235

Malicious code in bioql PyPI...

5.4CVSS5.7AI score0.00471EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:53 a.m.4 views

CVE-2023-0145

The Saan World Clock WordPress plugin through 1.8 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

5.4CVSS5.5AI score0.00471EPSS
Exploits2References1
NVD
NVD
added 2023/03/20 4:15 p.m.21 views

CVE-2023-0145

The Saan World Clock WordPress plugin through 1.8 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

5.4CVSS5.3AI score0.00471EPSS
Exploits2References1
Prion
Prion
added 2023/03/20 4:15 p.m.15 views

Cross site scripting

The Saan World Clock WordPress plugin through 1.8 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

4.9CVSS5.4AI score0.00471EPSS
Exploits2References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/03/20 3:52 p.m.6 views

CVE-2023-0145 Saan World Clock <= 1.8 - Contributor+ Stored XSS

The Saan World Clock WordPress plugin through 1.8 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

5.3AI score0.00471EPSS
Exploits2References1
Cvelist
Cvelist
added 2023/03/20 3:52 p.m.28 views

CVE-2023-0145 Saan World Clock <= 1.8 - Contributor+ Stored XSS

The Saan World Clock WordPress plugin through 1.8 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

5.5AI score0.00471EPSS
Exploits2References1
CVE
CVE
added 2023/03/20 3:52 p.m.142 views

CVE-2023-0145

CVE-2023-0145 affects the WordPress plugin “Saan World Clock” up to version 1.8. The vulnerability arises because the plugin does not validate and escape certain shortcode attributes, allowing stored cross-site scripting when a page/post renders the shortcode. Impact: stored XSS that can affect u...

5.4CVSS5.3AI score0.00471EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
added 2023/03/02 12:0 a.m.55 views

WordPress Saan World Clock Plugin <= 1.8 is vulnerable to Cross Site Scripting (XSS)

Software Saan World Clock Type Plugin Vulnerable versions = 1.8 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-0145 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID cb720ac68691 Credits Lana Codes Required...

5.4CVSS5.9AI score0.00471EPSS
Exploits2References4Affected Software1
WPVulnDB
WPVulnDB
added 2023/02/21 12:0 a.m.15 views

Saan World Clock <= 1.8 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. PoC wclock tz='" onmouseover="alert1"...

5.4CVSS5AI score0.00471EPSS
Exploits2Affected Software1
wpexploit
wpexploit
added 2023/02/21 12:0 a.m.142 views

Saan World Clock <= 1.8 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. wclock tz='" onmouseover="alert1"...

5.4CVSS5.2AI score0.00471EPSS
Exploits2
Rows per page
Query Builder