Lucene search
K

22 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-30355

Malicious code in bioql PyPI...

7.1CVSS6.4AI score0.00514EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 7:0 a.m.8 views

CVE-2024-32553

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in looksawesome Superfly Menu superfly-menu.This issue affects Superfly Menu: from n/a through = 5.0.25...

7.1CVSS5.9AI score0.00514EPSS
Exploits0References1
NVD
NVD
added 2024/08/02 7:16 a.m.13 views

CVE-2024-3238

The WordPress Menu Plugin — Superfly Responsive Menu plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.0.29. This is due to missing or incorrect nonce validation on the ajaxhandledeleteicons function. This makes it possible for unauthenticate...

8.8CVSS0.00382EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/08/02 6:41 a.m.24 views

CVE-2024-3238 WordPress Menu Plugin — Superfly Responsive Menu <= 5.0.29 - Cross-Site Request Forgery to Arbitrary File Deletion

The WordPress Menu Plugin — Superfly Responsive Menu plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.0.29. This is due to missing or incorrect nonce validation on the ajaxhandledeleteicons function. This makes it possible for unauthenticate...

8.8CVSS8.4AI score0.00382EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/08/02 6:41 a.m.15 views

CVE-2024-3238 WordPress Menu Plugin — Superfly Responsive Menu <= 5.0.29 - Cross-Site Request Forgery to Arbitrary File Deletion

The WordPress Menu Plugin — Superfly Responsive Menu plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.0.29. This is due to missing or incorrect nonce validation on the ajaxhandledeleteicons function. This makes it possible for unauthenticate...

8.8CVSS0.00382EPSS
Exploits0References2
CVE
CVE
added 2024/08/02 6:41 a.m.44 views

CVE-2024-3238

CVE-2024-3238 affects the WordPress Menu Plugin — Superfly Responsive Menu. The vulnerability is a Cross-Site Request Forgery due to missing or incorrect nonce validation in the ajax_handle_delete_icons() function, allowing unauthenticated attackers to delete arbitrary files if a site admin is tr...

8.8CVSS8.5AI score0.00382EPSS
Exploits0References2
Patchstack
Patchstack
added 2024/08/02 2:35 a.m.3 views

WordPress Superfly Responsive Menu plugin <= 5.0.29 - Cross-Site Request Forgery to Arbitrary File Deletion vulnerability

Cross-Site Request Forgery to Arbitrary File Deletion vulnerability discovered by M.Awad in WordPress Plugin Superfly Menu versions = 5.0.29...

8.8CVSS7AI score0.00382EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2024/08/02 12:0 a.m.5 views

PT-2024-24541 · WordPress · Superfly Responsive Menu

Name of the Vulnerable Software and Affected Versions: WordPress Menu Plugin — Superfly Responsive Menu plugin for WordPress versions up to and including 5.0.29 Description: The issue is related to Cross-Site Request Forgery CSRF due to missing or incorrect nonce validation on the ajax handle...

8.8CVSS7.3AI score0.00382EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/08/02 12:0 a.m.5 views

WordPress plugin Superfly Responsive Menu 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

8.8CVSS6.4AI score0.00382EPSS
Exploits0References3
Patchstack
Patchstack
added 2024/08/02 12:0 a.m.12 views

WordPress Superfly Menu Plugin <= 5.0.29 is vulnerable to Cross Site Request Forgery (CSRF)

Software Superfly Menu Type Plugin Vulnerable versions = 5.0.29 Fixed in 5.0.30 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-3238 Patch priority Low CVSS severity Low 8.8 Developer Claim ownership PSID 281e95564a8a Credits M.Awad Required...

8.8CVSS6.7AI score0.00382EPSS
Exploits0References2Affected Software1
WPVulnDB
WPVulnDB
added 2024/04/25 12:0 a.m.18 views

WordPress Menu Plugin — Superfly Responsive Menu <= 5.0.25 - Authenticated (Subscriber+) Stored Cross-Site Scripting

Description The WordPress Menu Plugin — Superfly Responsive Menu plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 5.0.25 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

7.1CVSS7.8AI score0.00514EPSS
Exploits0References1
NVD
NVD
added 2024/04/18 11:15 a.m.11 views

CVE-2024-32553

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in looksawesome Superfly Menu superfly-menu.This issue affects Superfly Menu: from n/a through = 5.0.25...

7.1CVSS6.9AI score0.00514EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/04/18 10:14 a.m.12 views

CVE-2024-32553 WordPress Superfly Menu plugin <= 5.0.25 - Subscriber+ Site-Wide Stored Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in looksawesome Superfly Menu superfly-menu.This issue affects Superfly Menu: from n/a through = 5.0.25...

7.1CVSS5.2AI score0.00514EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/04/18 10:14 a.m.23 views

CVE-2024-32553 WordPress Superfly Menu plugin <= 5.0.25 - Subscriber+ Site-Wide Stored Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in looksawesome Superfly Menu superfly-menu.This issue affects Superfly Menu: from n/a through = 5.0.25...

7.1CVSS7AI score0.00514EPSS
Exploits0References1
CVE
CVE
added 2024/04/18 10:14 a.m.68 views

CVE-2024-32553

CVE-2024-32553 affects WordPress Plugin – WordPress Menu Plugin (Superfly Menu). Vulnerable component is looks_awesome functionality (stored XSS) with root cause described as improper neutralization of input during web page generation. Impact per sources is Stored XSS with confidentiality/integri...

7.1CVSS5.9AI score0.00514EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/04/18 12:0 a.m.4 views

WordPress Plugin Superfly 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

7.1CVSS5.9AI score0.00514EPSS
Exploits0References2
Patchstack
Patchstack
added 2024/04/16 6:26 a.m.6 views

WordPress Superfly Menu plugin <= 5.0.25 - Subscriber+ Site-Wide Stored Cross Site Scripting (XSS) vulnerability

Subscriber+ Site-Wide Stored Cross Site Scripting XSS vulnerability discovered by Dave Jong Patchstack in WordPress Plugin Superfly Menu versions = 5.0.25...

7.1CVSS5.8AI score0.00514EPSS
Exploits0Affected Software1
VulnCheck KEV
VulnCheck KEV
added 2024/04/16 12:0 a.m.1 views

VulnCheck KEV: CVE-2024-32553

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in looksawesome Superfly Menu superfly-menu.This issue affects Superfly Menu: from n/a through = 5.0.25...

7.1CVSS5.8AI score0.00514EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/04/16 12:0 a.m.8 views

WordPress Superfly Menu Plugin <= 5.0.25 is vulnerable to Cross Site Scripting (XSS)

Software Superfly Menu Type Plugin Vulnerable versions = 5.0.25 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-32553 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 6079596969f5 Credits Dave Jong Patchstack Required...

7.1CVSS6.5AI score0.00514EPSS
Exploits0References1Affected Software1
Openbugbounty
Openbugbounty
added 2023/10/19 11:21 a.m.19 views

dolomitisuperfly.com Cross Site Scripting vulnerability OBB-3754873

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.1AI score
Exploits0
Rows per page
Query Builder