Lucene search
+L

26 matches found

attackerkb
attackerkb
added 2023/07/24 2:15 p.m.4 views

CVE-2022-28867

An issue was discovered in Nokia NetAct 22 through the Administration of Measurements website section. A malicious user can edit or add the templateName parameter in order to include JavaScript code, which is then stored and executed by a victim's web browser. The most common mechanism for...

5.4CVSS6.1AI score0.00389EPSS
Exploits1References3
osv
osv
added 2022/11/08 7:15 p.m.4 views

CVE-2022-41136

Cross-Site Request Forgery CSRF vulnerability leading to Stored Cross-Site Scripting XSS in Vladimir Anokhin's Shortcodes Ultimate plugin = 5.12.0 on WordPress...

8.8CVSS5.8AI score0.00293EPSS
Exploits0References2
osv
osv
added 2022/10/03 2:15 p.m.5 views

UBUNTU-CVE-2022-2628

The DSGVO All in one for WP WordPress plugin before 4.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

4.8CVSS5.8AI score0.00554EPSS
Exploits2References3
attackerkb
attackerkb
added 2022/05/30 9:15 a.m.11 views

CVE-2022-1646

The Simple Real Estate Pack WordPress plugin through 1.4.8 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfilteredhtml capability is disallowed...

4.8CVSS5.8AI score0.00565EPSS
Exploits2References2
osv
osv
added 2021/11/17 11:15 a.m.2 views

CVE-2021-24834

The YOP Poll WordPress plugin before 6.3.1 is affected by a stored Cross-Site Scripting vulnerability which exists in the Create Poll - Options module where a user with a role as low as author is allowed to execute arbitrary script code within the context of the application. This vulnerability is...

5.4CVSS6.3AI score0.01483EPSS
Exploits0References3
cnvd
cnvd
added 2021/07/02 12:0 a.m.4 views

Monstra cross-site scripting vulnerability (CNVD-2021-46870)

Monstra is a lightweight content management system CMS. A stored cross-site scripting vulnerability exists in Monstra version 3.0.4. The vulnerability can be exploited to execute arbitrary web script or HTML via the "Site Name" field under the "Site Settings" module...

5.4CVSS6AI score0.00531EPSS
Exploits1References1
Rows per page
Query Builder