Lucene search
K

5 matches found

CVE
CVE
added 2025/05/15 8:7 p.m.38 views

CVE-2024-9227

The CVE concerns the WordPress PowerPress Podcasting plugin by Blubrry (versions prior to 11.9.18). The issue is insufficient sanitization/escaping of certain podcast settings when adding a podcast, enabling Stored Cross-Site Scripting (XSS) attacks and affecting admin users, even with unfiltered...

4.8CVSS5.8AI score0.00266EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2025/05/07 5:19 p.m.62 views

CVE-2025-20147

The CVE-2025-20147 issue affects Cisco Catalyst SD-WAN Manager (vManage) web-based management interface. The root cause is improper sanitization of user input in the management UI, enabling an authenticated, remote attacker to perform a stored cross-site scripting (XSS) attack on the affected sys...

5.4CVSS5.1AI score0.00264EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2025/05/07 3:27 p.m.5 views

GHSA-Q9Q2-3PPX-MWQF Graylog Allows Stored Cross-Site Scripting via Files Plugin and API Browser

Impact Two minor vulnerabilities were identified in the Graylog2 enterprise server, which can be combined to carry out a stored cross-site scripting attack. An attacker with the permission FILESCREATE can exploit these vulnerabilities to upload arbitrary Javascript code to the Graylog2 server,...

7.3CVSS6.7AI score
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/02/05 4:58 a.m.5 views

CVE-2024-10108

The WPAdverts – Classifieds Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's advertsadd shortcode in all versions up to, and including, 2.1.6 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers t...

7.2CVSS6.1AI score0.00382EPSS
Exploits0References1
Fortinet
Fortinet
added 2021/08/03 12:0 a.m.45 views

FortiManager and FortiAnalyzer - Multiple reflected XSS

Multiple improper neutralization of input during web page generation CWE-79 in FortiManager and FortiAnalyzer user interface may allow a remote authenticated attacker to perform a Stored Cross Site Scripting attack XSS by injecting malicious payload in GET parameters...

3.5CVSS5AI score0.00599EPSS
Exploits0Affected Software2
Rows per page
Query Builder