Lucene search
+L

731 matches found

RedhatCVE
RedhatCVE
added 2025/08/30 6:17 p.m.5 views

CVE-2025-48353

Cross-Site Request Forgery CSRF vulnerability in dactum Clickbank WordPress Plugin Niche Storefront clickbank-niche-storefronts allows Stored XSS.This issue affects Clickbank WordPress Plugin Niche Storefront: from n/a through = 1.3.5...

7.1CVSS5.9AI score0.00118EPSS
Exploits0References1
CVE
CVE
added 2025/08/28 12:37 p.m.22 views

CVE-2025-48353

CVE-2025-48353 : A CSRF to Stored XSS vulnerability exists in the dactum Clickbank WordPress Plugin (Niche Storefront). Affected component: Clickbank WordPress Plugin (Niche Storefront) versions up to and including 1.3.5. Root cause: CSRF enables stored XSS in the plugin; exploitation details are...

7.1CVSS5.9AI score0.00118EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/08/28 12:37 p.m.2 views

CVE-2025-48353 WordPress Clickbank WordPress Plugin (Niche Storefront) plugin <= 1.3.5 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in dactum Clickbank WordPress Plugin Niche Storefront allows Stored XSS. This issue affects Clickbank WordPress Plugin Niche Storefront: from n/a through 1.3.5...

7.1CVSS6AI score0.00118EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/08/28 12:37 p.m.11 views

CVE-2025-48353 WordPress Clickbank WordPress Plugin (Niche Storefront) plugin <= 1.3.5 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in dactum Clickbank WordPress Plugin Niche Storefront clickbank-niche-storefronts allows Stored XSS.This issue affects Clickbank WordPress Plugin Niche Storefront: from n/a through = 1.3.5...

7.1CVSS0.00118EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/08/28 12:0 a.m.4 views

WordPress plugin Clickbank WordPress Plugin (Niche Storefront) 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...

7.1CVSS5.9AI score0.00118EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/08/28 12:0 a.m.4 views

PT-2025-35022

Name of the Vulnerable Software and Affected Versions: dactum Clickbank WordPress Plugin Niche Storefront versions through 1.3.5 Description: A Cross-Site Request Forgery CSRF vulnerability exists in dactum Clickbank WordPress Plugin Niche Storefront, which also allows Stored Cross-Site Scripting...

7.1CVSS5.4AI score0.00118EPSS
Exploits0References3
Patchstack
Patchstack
added 2025/08/21 3:39 a.m.5 views

WordPress Clickbank WordPress Plugin (Niche Storefront) plugin <= 1.3.5 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerability

Cross Site Request Forgery CSRF to Stored XSS vulnerability discovered by Nguyen Xuan Chien Patchstack Alliance in WordPress Plugin Clickbank WordPress Plugin Niche Storefront versions = 1.3.5...

7.1CVSS6AI score0.00118EPSS
Exploits0Affected Software1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.4 views

Malicious code in storefront-kit-react (npm)

The package storefront-kit-react was found to contain malicious code...

7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.2 views

Malicious code in vue-storefront-stripe (npm)

The package vue-storefront-stripe was found to contain malicious code...

7AI score
Exploits0
OSV
OSV
added 2025/08/14 6:52 p.m.3 views

MAL-2025-34001 Malicious code in storefront-kit-react (npm)

The package storefront-kit-react was found to contain malicious code...

7.2AI score
Exploits0
OSV
OSV
added 2025/08/14 6:52 p.m.3 views

MAL-2025-38674 Malicious code in vue-storefront-stripe (npm)

The package vue-storefront-stripe was found to contain malicious code...

7.2AI score
Exploits0
Citrix
Citrix
added 2025/06/05 12:0 a.m.12 views

Slow initial page load when connecting to Storefront after upgrading to 2411/2503

After installing StoreFront 2411/2503, connections made to the landing page for a Storefront Store i.e. https://example.com/Citrix/XenAppWeb, users experience a 6 second delay before the logon page fully loads...

7.1AI score
Exploits0
Citrix
Citrix
added 2025/06/02 12:0 a.m.27 views

Citrix Director Infrastructure Monitoring - Incorrect IIS Certificate Validity status

When admin checks Storefront metrics in Citrix Director under Infrastructure Monitoring, incorrect IIS Certificate Validity status is displayed. All other metrics are displayed correctly. Example: StoreFront Details: Storefront is configured with correct certificate and a certificate chain is...

7AI score
Exploits0
Citrix
Citrix
added 2025/05/30 12:0 a.m.18 views

ADC-13.1-How to support multiple domain SSO to StoreFront with user "distinguishedName" attribute

How to support multiple domain SSO to StoreFront from NetScaler with user "distinguishedName" attribute...

7.1AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 11:42 a.m.7 views

CVE-2025-22385

An issue was discovered in Optimizely Configured Commerce before 5.2.2408. For newly created accounts, the Commerce B2B application does not require email confirmation. This medium-severity issue allows the mass creation of accounts. This could affect database storage; also, non-requested...

5.9CVSS6.8AI score0.00308EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 8:54 a.m.5 views

CVE-2024-29036

Saleor Storefront is software for building e-commerce experiences. Prior to commit 579241e75a5eb332ccf26e0bcdd54befa33f4783, when any user authenticates in the storefront, anonymous users are able to access their data. The session is leaked through cache and can be accessed by anyone. Users shoul...

4.3CVSS7AI score0.0057EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:15 a.m.14 views

CVE-2023-3294

Cross-site Scripting XSS - DOM in GitHub repository saleor/react-storefront prior to c29aab226f07ca980cc19787dcef101e11b83ef7...

7.6CVSS6.1AI score0.00459EPSS
Exploits1References1
Citrix
Citrix
added 2025/05/23 12:0 a.m.16 views

CVAD 2402 - Citrix Storefront SSO failed after change the Base URL

After the customer modified the Base URL setting to use a different hostname, single sign-on SSO functionality stopped working for all users across the environment. However, when the Base URL is reverted back to the original hostname of the StoreFront server, single sign-on resumes normal operati...

7.1AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 11:21 p.m.7 views

CVE-2022-27503

Cross-site Scripting XSS vulnerability in Citrix StoreFront affects version 1912 before CU5 and version 3.12 before CU9...

6.1CVSS6AI score0.00466EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:50 p.m.11 views

CVE-2020-8200

Improper authentication in Citrix StoreFront Server 1912.0.1000 allows an attacker who is authenticated on the same Microsoft Active Directory domain as a Citrix StoreFront server to read arbitrary files from that server...

6.5CVSS6.7AI score0.0133EPSS
Exploits0References1
Rows per page
Query Builder