Lucene search
+L

798 matches found

Patchstack
Patchstack
added 2024/11/18 12:0 a.m.12 views

WordPress WP e-Commerce Style Email Plugin <= 0.6.2 is vulnerable to Cross Site Scripting (XSS)

Software WP e-Commerce Style Email Type Plugin Vulnerable versions = 0.6.2 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-52462 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 22630f6609c8 Credits SOPROBRO Required...

6.8AI score0.00339EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/11/18 12:0 a.m.10 views

WordPress Weather Atlas Widget Plugin <= 3.0.1 is vulnerable to Cross Site Scripting (XSS)

Software Weather Atlas Widget Type Plugin Vulnerable versions = 3.0.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-52472 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 5504e62dc0b7 Credits LVT-tholv2k Required privileg...

7.1CVSS6.8AI score0.0026EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/11/15 12:0 a.m.14 views

WordPress SimpleForm Plugin <= 2.2.0 is vulnerable to Cross Site Scripting (XSS)

Software SimpleForm Type Plugin Vulnerable versions = 2.2.0 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-10883 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID c9428f96f6e1 Credits Peter Thaleikis Required...

6.1CVSS5.9AI score0.00363EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/11/13 12:0 a.m.12 views

WordPress ReConstruction Theme <= 1.4.7 is vulnerable to Cross Site Scripting (XSS)

Software ReConstruction Type Theme Vulnerable versions = 1.4.7 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-52417 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 09fd48f64288 Credits justakazh Required privilege...

7.1CVSS6.8AI score0.00276EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2024/11/12 9:15 p.m.12 views

CVE-2024-11112

Use after free in Media in Google Chrome on Windows prior to 131.0.6778.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS0.00343EPSS
Exploits0References2
CVE
CVE
added 2024/11/12 8:9 p.m.311 views

CVE-2024-11113

CVE-2024-11113 affects Google Chrome (Accessibility component). A use-after-free in the Accessibility path prior to Chrome 131.0.6778.69 allowed a remote attacker who had compromised the renderer process to potentially cause heap corruption via a crafted HTML page. The Chrome release notes confir...

8.8CVSS7.1AI score0.00343EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/11/12 12:0 a.m.18 views

WordPress Styler for Ninja Forms Plugin <= 3.3.4 is vulnerable to Settings Change

Software Styler for Ninja Forms Type Plugin Vulnerable versions = 3.3.4 Fixed in N/A OWASP Top 10 A7: Identification and Authentication Failures Classification Settings Change CVE CVE-2024-10717 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 2b68f06a005e Credits...

6.5CVSS6.5AI score0.00398EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/11/06 12:0 a.m.14 views

WordPress Wp-ImageZoom Plugin <= 1.1.0 is vulnerable to Cross Site Scripting (XSS)

Software Wp-ImageZoom Type Plugin Vulnerable versions = 1.1.0 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-9934 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 48857c949d4e Credits Mohammad Nikouei Requir...

6.1CVSS5.9AI score0.00317EPSS
Exploits1References2Affected Software1
Patchstack
Patchstack
added 2024/11/04 12:0 a.m.17 views

WordPress Don't Break The Code Plugin <= .3.1 is vulnerable to Cross Site Scripting (XSS)

Software Don't Break The Code Type Plugin Vulnerable versions = .3.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-51779 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID e5611bdb41d7 Credits João Pedro S Alcântara Kinorth...

7.1CVSS6.9AI score0.00259EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/10/29 12:0 a.m.8 views

WordPress Subscribe to Comments Plugin <= 2.3 is vulnerable to Cross Site Scripting (XSS)

Software Subscribe to Comments Type Plugin Vulnerable versions = 2.3 Fixed in 2.3.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-8792 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID e73a4a4fc1e2 Credits vgo0 Required...

6.1CVSS5.6AI score0.00402EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/10/29 12:0 a.m.11 views

WordPress WPAdverts – Classifieds Plugin Plugin <= 2.1.6 is vulnerable to Cross Site Scripting (XSS)

Software WPAdverts – Classifieds Plugin Type Plugin Vulnerable versions = 2.1.6 Fixed in 2.1.7 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-10108 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID d98a67dcc148 Credits...

7.2CVSS5.6AI score0.00382EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/10/28 12:0 a.m.15 views

WordPress SEUR Oficial Plugin <= 2.2.11 is vulnerable to Cross Site Scripting (XSS)

Software SEUR Oficial Type Plugin Vulnerable versions = 2.2.11 Fixed in 2.2.12 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-9438 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 09ee4a264f33 Credits vgo0 Required...

6.1CVSS5.6AI score0.0036EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/10/23 12:0 a.m.12 views

WordPress Terms descriptions Plugin <= 3.4.6 is vulnerable to Cross Site Scripting (XSS)

Software Terms descriptions Type Plugin Vulnerable versions = 3.4.6 Fixed in 3.4.7 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-9374 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 8fca607d99fe Credits vgo0 Required...

6.1CVSS5.9AI score0.00309EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/10/21 12:0 a.m.10 views

WordPress BP Member Type Manager Plugin <= 1.01 is vulnerable to Cross Site Scripting (XSS)

Software BP Member Type Manager Type Plugin Vulnerable versions = 1.01 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-49634 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID ae38971a18f4 Credits João Pedro S Alcântara Kinor...

7.1CVSS6.6AI score0.00281EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/10/16 12:0 a.m.10 views

WordPress WP Photo Album Plus Plugin <= 8.8.05.003 is vulnerable to Cross Site Scripting (XSS)

Software WP Photo Album Plus Type Plugin Vulnerable versions = 8.8.05.003 Fixed in 8.8.07.004 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-9951 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 361cb23fe9c7 Credits Noah...

6.1CVSS5.9AI score0.00291EPSS
Exploits0References3Affected Software1
AlpineLinux
AlpineLinux
added 2024/10/15 9:15 p.m.22 views

CVE-2024-9955

Use after free in WebAuthentication in Google Chrome prior to 130.0.6723.58 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS7.1AI score0.00765EPSS
Exploits0
OSV
OSV
added 2024/10/15 9:15 p.m.17 views

CVE-2024-9960

Use after free in Dawn in Google Chrome prior to 130.0.6723.58 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...

7.5CVSS6.9AI score
Exploits0References2
CVE
CVE
added 2024/10/15 8:14 p.m.75 views

CVE-2024-9959

CVE-2024-9959 affects Google Chrome/Chromium with a Use-After-Free in DevTools prior to 130.0.6723.58. A remote attacker who has compromised the renderer could potentially exploit heap corruption via a crafted Chrome Extension. The issue is associated with the Chromium DevTools component and has ...

8.8CVSS7.4AI score0.00327EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/10/15 12:0 a.m.16 views

WordPress Akismet htaccess writer Plugin <= 1.0.1 is vulnerable to Cross Site Scripting (XSS)

Software Akismet htaccess writer Type Plugin Vulnerable versions = 1.0.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-49316 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 909749f57b22 Credits Le Ngoc Anh Required...

7.1CVSS6.6AI score0.00259EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/10/08 12:0 a.m.9 views

WordPress ThemeHunk Plugin <= 1.1.0 is vulnerable to Cross Site Scripting (XSS)

Software ThemeHunk Type Plugin Vulnerable versions = 1.1.0 Fixed in 1.1.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-8433 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID c1773d3ddeac Credits Lucio Sá Required...

6.4CVSS5.6AI score0.00342EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder