Lucene search
K

27 matches found

Vulnrichment
Vulnrichment
added 2025/12/05 5:31 a.m.4 views

CVE-2025-13625 WP-SOS-Donate Donation Sidebar Plugin <= 0.9.2 - Reflected Cross-Site Scripting via $_SERVER['PHP_SELF']

The WP-SOS-Donate Donation Sidebar Plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the $SERVER'PHPSELF' parameter in all versions up to, and including, 0.9.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers t...

6.1CVSS5.3AI score0.00219EPSS
Exploits0References4
EUVD
EUVD
added 2025/12/05 5:31 a.m.7 views

EUVD-2025-201383

The CoSign Single Signon plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the $SERVER'PHPSELF' parameter in all versions up to, and including, 0.3.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...

6.1CVSS5.2AI score0.00212EPSS
Exploits0References4
CVE
CVE
added 2025/12/05 5:31 a.m.29 views

CVE-2025-13512

CVE-2025-13512 : CoSign Single Signon (WordPress plugin)

6.1CVSS5.3AI score0.00212EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/12/05 12:0 a.m.4 views

PT-2025-49219

The WP-SOS-Donate Donation Sidebar Plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the $ SERVER'PHP SELF' parameter in all versions up to, and including, 0.9.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers...

6.1CVSS5.6AI score0.00219EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2025/12/04 5:24 a.m.2 views

CVE-2025-13513 Clik stats <= 0.8 - Reflected Cross-Site Scripting via $_SERVER['PHP_SELF']

The Clik stats plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the $SERVER'PHPSELF' parameter in all versions up to, and including, 0.8 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web...

6.1CVSS5.3AI score0.00212EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/12/04 12:0 a.m.5 views

PT-2025-49005

The Clik stats plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the $ SERVER'PHP SELF' parameter in all versions up to, and including, 0.8 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary w...

6.1CVSS5.6AI score0.00212EPSS
Exploits0References4
CNNVD
CNNVD
added 2023/01/03 12:0 a.m.3 views

RivetTracker 跨站脚本漏洞

RivetTracker is a modified version of PHPBTracker by Azizul Hakimi Mohd Yussuf Izzudin, a personal developer. RivetTracker suffers from a cross-site scripting vulnerability that stems from unknown handling, where manipulation of the parameter $SERVER PHPSELF results in cross-site scripting...

6.1CVSS4.2AI score0.00568EPSS
Exploits0References5
Rows per page
Query Builder