Lucene search
K

6 matches found

ATTACKERKB
ATTACKERKB
added yesterday3 views

CVE-2026-15284

The King Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'formpageid' parameter in versions up to, and including, 51.1.62 This is due to insufficient input sanitization in the addtosubmissions function, which applies sanitizetextfield which preserves...

6.4CVSS6.1AI score0.00307EPSS
Exploits0References11
Prion
Prion
added 2021/11/08 6:15 p.m.12 views

Cross site scripting

The School Management System – WPSchoolPress WordPress plugin before 2.1.17 sanitise some fields using sanitizetextfield but does not escape them before outputting in attributes, resulting in Stored Cross-Site Scripting issues...

3.5CVSS4.9AI score0.02358EPSS
Exploits4References2Affected Software1
CNNVD
CNNVD
added 2021/11/08 12:0 a.m.7 views

WordPress 跨站脚本漏洞

WordPress is a set of blogging platforms developed using the PHP language by the Wordpress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in the WordPress WPSchoolPress plugin prior to version 2.1.17, whi...

4.8CVSS5.3AI score0.02358EPSS
Exploits4References4
Packet Storm
Packet Storm
added 2020/02/12 12:0 a.m.146 views

WordPress Tutor 1.5.3 Cross Site Scripting

Tile: Wordpress Plugin tutor.1.5.3 - Cross-Site Scripting - Author: mehran feizi - Category: webapps - Date: 2020.02.12 =================================================================== Vulnerable page: /Quiz.php =================================================================== Vulnerable...

7.4AI score
Exploits0
0day.today
0day.today
added 2020/02/12 12:0 a.m.65 views

WordPress Tutor 1.5.3 Cross Site Scripting Vulnerability

Exploit for php platform in category web applications - Tile: Wordpress Plugin tutor.1.5.3 - Cross-Site Scripting - Author: mehran feizi - Category: webapps =================================================================== Vulnerable page: /Quiz.php...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2018/04/28 12:0 a.m.46 views

WordPress Plugin File Upload 4.3.3 - Stored Cross-Site Scripting (PoC)

0x01 漏洞概述 Wordpress的插件WordPress File Upload v4.3.3及其以前版本在管理后台存在一处存储型xss漏洞。攻击者可以通过该漏洞执行js脚本,获取管理员cookie。 漏洞名称:WordPress Plugin File Upload 4.3.3 - Stored Cross-Site Scripting PoC 漏洞来源:https://www.exploit-db.com/exploits/44444/ CVE:CVE-2018-9844 影响组件:WordPress Plugin File Upload...

4.3CVSS1AI score0.03844EPSS
Exploits6
Rows per page
Query Builder