Lucene search
K

73 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 8:17 a.m.4 views

CVE-2024-10744

A vulnerability was found in PHPGurukul Online Shopping Portal 2.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/assets/plugins/DataTables/media/unittesting/templates/complexheader2.php. The manipulation of the argument scripts...

6.1CVSS5.2AI score0.00367EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:17 a.m.6 views

CVE-2024-8871

The Pricing Tables WordPress Plugin – Easy Pricing Tables plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 3.2.5. This makes it possible for unauthenticated attackers to...

6.1CVSS6.3AI score0.00355EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:10 a.m.12 views

CVE-2024-12772

The Ninja Tables WordPress plugin before 5.0.17 does not sanitize and escape a parameter before outputting it back in the page when importing a CSV, leading to a Cross Site Scripting vulnerability...

6.1CVSS6.2AI score0.0032EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:33 a.m.3 views

CVE-2023-1274

The Pricing Tables For WPBakery Page Builder formerly Visual Composer WordPress plugin before 3.0 does not validate some shortcode attributes before using them to generate paths passed to include function/s, allowing any authenticated users such as subscriber to perform LFI attacks...

6.5CVSS6.5AI score0.009EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/23 12:34 a.m.11 views

CVE-2022-4654

The Pricing Tables WordPress Plugin WordPress plugin before 3.2.3 does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack...

5.4CVSS5.9AI score0.00471EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:45 p.m.9 views

CVE-2022-47137

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in WPManageNinja LLC Ninja Tables plugin = 4.3.4 versions...

5.9CVSS5.6AI score0.0042EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 7:24 p.m.13 views

CVE-2021-25098

The Pricing Tables WordPress Plugin WordPress plugin before 3.1.3 does not verify the CSRF nonce when removing posts, allowing attackers to make a logged in admin remove arbitrary posts from the blog via a CSRF attack, which will be put in the trash...

6.5CVSS6.7AI score0.00523EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:33 a.m.8 views

CVE-2015-9401

The websimon-tables plugin through 1.3.4 for WordPress has wp-admin/tools.php editstyle id XSS...

4.8CVSS7.1AI score0.01033EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:5 a.m.6 views

CVE-2017-18597

The jtrt-responsive-tables plugin before 4.1.2 for WordPress has SQL Injection via the admin/class-jtrt-responsive-tables-admin.php tableId parameter...

8.8CVSS8.3AI score0.01911EPSS
Exploits2References1
OSV
OSV
added 2025/01/31 6:15 a.m.4 views

CVE-2024-12772

The Ninja Tables WordPress plugin before 5.0.17 does not sanitize and escape a parameter before outputting it back in the page when importing a CSV, leading to a Cross Site Scripting vulnerability...

5.4CVSS7.3AI score0.0032EPSS
Exploits1References1
CNNVD
CNNVD
added 2024/11/18 12:0 a.m.3 views

WordPress plugin OS Pricing Tables 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

6.5CVSS8.2AI score0.00231EPSS
Exploits0References1
OSV
OSV
added 2024/11/06 12:15 p.m.8 views

CVE-2024-8323

The Pricing Tables WordPress Plugin – Easy Pricing Tables plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘fontFamily’ attribute in all versions up to, and including, 3.2.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticat...

5.4CVSS5.9AI score0.00321EPSS
Exploits0References4
CVE
CVE
added 2024/11/06 11:32 a.m.49 views

CVE-2024-8323

CVE-2024-8323 affects the Pricing Tables WordPress Plugin – Easy Pricing Tables (WordPress). The vulnerability is a Stored Cross-Site Scripting via the fontFamily attribute in all versions up to and including 3.2.6, exploitable by authenticated users with Contributor-level access or higher to inj...

6.4CVSS5.4AI score0.00321EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2024/11/04 3:15 a.m.3 views

CVE-2024-10757

A vulnerability, which was classified as problematic, has been found in PHPGurukul Online Shopping Portal 2.0. Affected by this issue is some unknown functionality of the file /admin/assets/plugins/DataTables/media/unittesting/templates/jsdata.php. The manipulation of the argument scripts leads t...

6.1CVSS4AI score0.00418EPSS
Exploits1References5
OSV
OSV
added 2024/11/04 3:15 a.m.2 views

CVE-2024-10756

A vulnerability classified as problematic was found in PHPGurukul Online Shopping Portal 2.0. Affected by this vulnerability is an unknown functionality of the file /admin/assets/plugins/DataTables/media/unittesting/templates/htmltable.php. The manipulation of the argument scripts leads to cross...

6.1CVSS3.8AI score0.00393EPSS
Exploits1References5
CNNVD
CNNVD
added 2024/11/04 12:0 a.m.4 views

PHPGurukul Online Shopping Portal 跨站脚本漏洞

Online Shopping Portal is an online store system. Online Shopping Portal suffers from a cross-site scripting vulnerability that originates in the parameter admin/assets/plugins/DataTables/media/unittesting/templates/domdatatwoheaders.php. scripts lack effective filtering and escaping of...

5.4CVSS6.2AI score0.00379EPSS
Exploits1References5
CNNVD
CNNVD
added 2024/11/03 12:0 a.m.3 views

PHPGurukul Online Shopping Portal 跨站脚本漏洞

Online Shopping Portal is an online store. Online Shopping Portal suffers from a cross-site scripting vulnerability that originates from the parameter scripts in file /admin/assets/plugins/DataTables/media/unittesting/templates/complexheader2.php that is not validly filtered and escaped by...

6.1CVSS6AI score0.00367EPSS
Exploits1References5
CNNVD
CNNVD
added 2024/10/30 12:0 a.m.2 views

WordPress plugin Pricing Tables WordPress Plugin – Easy Pricing Tables 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. WordPress plugin Pricing Tables WordPress Plugin - Eas...

6.1CVSS6AI score0.00355EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/10/30 12:0 a.m.9 views

PT-2024-39289 · WordPress · Pricing Tables Wordpress Plugin

Name of the Vulnerable Software and Affected Versions: Pricing Tables WordPress Plugin – Easy Pricing Tables plugin for WordPress versions up to, and including, 3.2.5 Description: The issue arises from the use of add query arg without proper escaping on the URL, leading to Reflected Cross-Site...

6.1CVSS6.6AI score0.00355EPSS
Exploits0References6
Patchstack
Patchstack
added 2024/10/29 8:33 p.m.7 views

WordPress Pricing Tables WordPress Plugin – Easy Pricing Tables plugin <= 3.2.5 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by vgo0 in WordPress Plugin Easy Pricing Tables versions = 3.2.5...

6.1CVSS6.3AI score0.00355EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder