Lucene search
+L

123 matches found

Cvelist
Cvelist
added 2024/06/15 9:43 a.m.35 views

CVE-2024-5611 Stratum – Elementor Widgets <= 1.4.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Countdown Widget

The Stratum – Elementor Widgets plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘labelyears’ attribute within the Countdown widget in all versions up to, and including, 1.4.1 due to insufficient input sanitization and output escaping. This makes it possible for...

6.4CVSS0.00326EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/06/15 9:43 a.m.14 views

CVE-2024-5611 Stratum – Elementor Widgets <= 1.4.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Countdown Widget

The Stratum – Elementor Widgets plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘labelyears’ attribute within the Countdown widget in all versions up to, and including, 1.4.1 due to insufficient input sanitization and output escaping. This makes it possible for...

6.4CVSS5.8AI score0.00326EPSS
Exploits0References3
CVE
CVE
added 2024/06/15 9:43 a.m.63 views

CVE-2024-5611

CVE-2024-5611 : The Stratum – Elementor Widgets plugin for WordPress (versions

6.4CVSS5.9AI score0.00326EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/06/15 12:0 a.m.4 views

WordPress plugin Stratum - Elementor Widgets Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin ... A security vulnerability...

6.4CVSS6.1AI score0.00326EPSS
Exploits0References4
Patchstack
Patchstack
added 2024/06/14 12:46 p.m.9 views

WordPress Stratum – Elementor Widgets plugin <= 1.4.1 - Authenticated Stored Cross-Site Scripting via Countdown Widget vulnerability

Authenticated Stored Cross-Site Scripting via Countdown Widget vulnerability discovered by wesley wcraft in WordPress Plugin Stratum versions = 1.4.1...

6.4CVSS5.8AI score0.00326EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/06/14 12:0 a.m.13 views

WordPress Stratum Plugin <= 1.4.1 is vulnerable to Cross Site Scripting (XSS)

Software Stratum Type Plugin Vulnerable versions = 1.4.1 Fixed in 1.4.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-5611 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID b26c4b69b206 Credits wesley wcraft Required privilege...

6.4CVSS5.8AI score0.00326EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2024/06/05 7:15 p.m.5 views

CVE-2023-50803

An issue was discovered in Samsung Mobile Processor, and Modem Exynos 9820, Exynos 9825, Exynos 980, Exynos 990, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos Modem 5123, Exynos Modem 5300. The baseband software does not properly check replay...

5.3CVSS5.8AI score0.00338EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/05/04 12:0 a.m.5 views

PT-2024-25927 · Open5Gs · Open5Gs

Name of the Vulnerable Software and Affected Versions: Open5GS versions prior to 2.7.1 Description: The issue is related to a reachable assertion that can cause an AMF crash via NAS messages from a UE. This occurs due to improper handling of the pkbuf-len variable in the ogs nas encrypt function...

5.3CVSS6.5AI score0.00513EPSS
Exploits0References9
WPVulnDB
WPVulnDB
added 2024/04/01 12:0 a.m.21 views

Stratum < 1.3.16 - Authenticated (Contributor+) Stored Cross-Site Scripting

Description The Stratum plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 1.3.15 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject...

6.5CVSS5.8AI score0.00339EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2024/03/27 7:15 a.m.15 views

CVE-2024-29914

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in MotoPress Stratum allows Stored XSS.This issue affects Stratum: from n/a through 1.3.15...

6.5CVSS6.4AI score0.00339EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/03/27 7:4 a.m.25 views

CVE-2024-29914 WordPress Stratum – Elementor Widgets plugin <= 1.3.15 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in MotoPress Stratum allows Stored XSS.This issue affects Stratum: from n/a through 1.3.15...

6.5CVSS6.6AI score0.00339EPSS
Exploits0References1
CVE
CVE
added 2024/03/27 7:4 a.m.62 views

CVE-2024-29914

Technical details about CVE-2024-29914 are not provided in the supplied documents. The initial entry notes a Stored XSS in MotoPress Stratum (WordPress plugin) up to version 1.3.15, but no fix/impact specifics are included here.

6.5CVSS8.6AI score0.00339EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/03/27 12:0 a.m.7 views

PT-2024-23136 · Motopress · Motopress Stratum

Name of the Vulnerable Software and Affected Versions: MotoPress Stratum versions 1.3.15 and earlier Description: The issue is related to improper neutralization of input during web page generation, which allows for Stored XSS. This means that an attacker can inject malicious scripts into the...

6.5CVSS9.1AI score0.00339EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/03/27 12:0 a.m.8 views

WordPress Plugin Stratum 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

6.5CVSS7AI score0.00339EPSS
Exploits0References2
Patchstack
Patchstack
added 2024/03/25 12:0 a.m.11 views

WordPress Stratum Plugin <= 1.3.15 is vulnerable to Cross Site Scripting (XSS)

Software Stratum Type Plugin Vulnerable versions = 1.3.15 Fixed in 1.3.16 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-29914 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 3d8d138923e6 Credits Khalid Yusuf Required privilege Contributor...

6.5CVSS6.9AI score0.00339EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2024/03/04 12:0 a.m.5 views

Qualcomm Chipsets Security Vulnerability

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets that stems from a denial of service when handling multiple payload container types with incorrect container lengths received in a DL NAS transport OTA in NR...

7.5CVSS6.7AI score0.00324EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/03/04 12:0 a.m.6 views

Qualcomm Chipsets Security Vulnerability

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets that stems from a denial of service in the handling of DL NAS transport messages...

7.5CVSS6.7AI score0.00324EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2022/11/18 12:0 a.m.5 views

PT-2022-24601 · Free5Gc · Free5Gc

Name of the Vulnerable Software and Affected Versions: Free5gc version 3.0.5 Description: The issue arises due to malformed NAS messages, causing the AMF to break. Recommendations: For Free5gc version 3.0.5, consider implementing input validation to handle malformed NAS messages properly until a...

7.5CVSS7.5AI score0.00732EPSS
Exploits1References6
ATTACKERKB
ATTACKERKB
added 2022/01/13 12:15 p.m.2 views

CVE-2021-30301

Possible denial of service due to out of memory while processing RRC and NAS OTA message in Snapdragon Auto, Snapdragon Industrial IOT, Snapdragon Mobile...

7.5CVSS7AI score0.00568EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2022/01/13 12:0 a.m.6 views

PT-2022-9974 · Qualcomm · Snapdragon Mobile +2

Name of the Vulnerable Software and Affected Versions: Snapdragon Auto affected versions not specified Snapdragon Industrial IOT affected versions not specified Snapdragon Mobile affected versions not specified Description: The issue is related to a possible denial of service due to out of memory...

7.5CVSS7.4AI score0.00568EPSS
Exploits0References4
Rows per page
Query Builder