Lucene search
K

72 matches found

CNNVD
CNNVD
added 2023/01/30 12:0 a.m.3 views

WordPress Plugin WP Tabs 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

5.4CVSS5.4AI score0.00534EPSS
Exploits2References2
NVD
NVD
added 2022/09/23 4:15 p.m.22 views

CVE-2022-40215

Multiple Authenticated Stored Cross-Site Scripting XSS vulnerabilities in Tabs plugin = 3.7.1 at WordPress...

5.4CVSS0.00422EPSS
Exploits0References2
OSV
OSV
added 2022/09/23 4:15 p.m.4 views

CVE-2022-40215

Multiple Authenticated Stored Cross-Site Scripting XSS vulnerabilities in Tabs plugin = 3.7.1 at WordPress...

5.4CVSS5.8AI score0.00422EPSS
Exploits0References2
Prion
Prion
added 2022/09/23 4:15 p.m.12 views

Cross site scripting

Multiple Authenticated Stored Cross-Site Scripting XSS vulnerabilities in Tabs plugin = 3.7.1 at WordPress...

4.9CVSS5.4AI score0.00422EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2022/09/23 3:22 p.m.9 views

CVE-2022-40215 WordPress Tabs plugin <= 3.7.1 - Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities

Multiple Authenticated Stored Cross-Site Scripting XSS vulnerabilities in Tabs plugin = 3.7.1 at WordPress...

3.4CVSS4.5AI score0.00422EPSS
Exploits0References2
CVE
CVE
added 2022/09/23 3:22 p.m.98 views

CVE-2022-40215

CVE-2022-40215 affects the WordPress Tabs plugin (versions 3.7.1 and earlier). The issue is multiple authenticated Stored Cross-Site Scripting (XSS) vulnerabilities caused by insufficient input filtering/escaping in the plugin, enabling an attacker with high privileges and authenticated access to...

5.4CVSS4.7AI score0.00422EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2022/09/23 3:22 p.m.25 views

CVE-2022-40215 WordPress Tabs plugin <= 3.7.1 - Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities

Multiple Authenticated Stored Cross-Site Scripting XSS vulnerabilities in Tabs plugin = 3.7.1 at WordPress...

3.4CVSS5.6AI score0.00422EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2022/09/23 12:0 a.m.5 views

PT-2022-25287 · Tabs · Tabs

Name of the Vulnerable Software and Affected Versions: Tabs plugin versions 3.7.1 and earlier Description: The issue concerns multiple authenticated stored Cross-Site Scripting XSS vulnerabilities. This means that an attacker can inject malicious scripts into the website, which will be executed b...

5.4CVSS5.1AI score0.00422EPSS
Exploits0References5
Patchstack
Patchstack
added 2022/09/22 12:0 a.m.29 views

WordPress Tabs plugin <= 3.7.1 - Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities

Multiple Authenticated Stored Cross-Site Scripting XSS vulnerabilities were discovered by Vlad Vector Patchstack in the WordPress Tabs plugin versions = 3.7.1. Solution Update the WordPress Tabs plugin to the latest available version at least 3.7.2...

5.4CVSS2.4AI score0.00422EPSS
Exploits0Affected Software1
OSV
OSV
added 2022/07/25 8:15 p.m.2 views

CVE-2022-36375

Authenticated high role user WordPress Options Change vulnerability in Biplob Adhikari's Tabs plugin = 3.6.0 at WordPress...

7.2CVSS5.8AI score
Exploits0References2
NVD
NVD
added 2022/07/25 8:15 p.m.16 views

CVE-2022-36375

Authenticated high role user WordPress Options Change vulnerability in Biplob Adhikari's Tabs plugin = 3.6.0 at WordPress...

7.2CVSS0.00976EPSS
Exploits0References2
Prion
Prion
added 2022/07/25 8:15 p.m.19 views

Code injection

Authenticated high role user WordPress Options Change vulnerability in Biplob Adhikari's Tabs plugin = 3.6.0 at WordPress...

5.8CVSS6.9AI score0.00976EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2022/07/25 7:50 p.m.81 views

CVE-2022-36375

CVE-2022-36375 concerns the WordPress Tabs plugin (versions ≤ 3.6.0). The vulnerability allows an authenticated, high-privilege user to change plugin options, as described across multiple sources. The root cause appears to be an insecure options-change flow that can be exploited by someone with e...

7.2CVSS7AI score0.00976EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2022/07/25 7:50 p.m.5 views

CVE-2022-36375 WordPress Tabs plugin <= 3.6.0 - Authenticated WordPress Options Change vulnerability

Authenticated high role user WordPress Options Change vulnerability in Biplob Adhikari's Tabs plugin = 3.6.0 at WordPress...

7.2CVSS7AI score0.00976EPSS
Exploits0References2
Cvelist
Cvelist
added 2022/07/25 7:50 p.m.19 views

CVE-2022-36375 WordPress Tabs plugin <= 3.6.0 - Authenticated WordPress Options Change vulnerability

Authenticated high role user WordPress Options Change vulnerability in Biplob Adhikari's Tabs plugin = 3.6.0 at WordPress...

7.2CVSS7.2AI score0.00976EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/07/25 12:0 a.m.5 views

WordPress plugin Tabs 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...

7.2CVSS7.1AI score0.00976EPSS
Exploits0References4
Patchstack
Patchstack
added 2022/07/25 12:0 a.m.29 views

WordPress Tabs plugin <= 3.6.0 - Authenticated WordPress Options Change vulnerability

Authenticated WordPress Options Change vulnerability discovered by m0ze Patchstack in WordPress Tabs plugin versions = 3.6.0. Solution Update the WordPress Tabs plugin to the latest available version at least 3.7.0...

7.2CVSS2.8AI score0.00976EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2022/07/25 12:0 a.m.4 views

PT-2022-23335 · Biplob Adhikari · Tabs

Name of the Vulnerable Software and Affected Versions: Biplob Adhikari's Tabs plugin versions = 3.6.0 Description: The issue is related to an authenticated WordPress Options Change vulnerability. It affects Biplob Adhikari's Tabs plugin at WordPress, where a high-role user can authenticate and...

7.2CVSS6.7AI score0.00976EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2022/05/23 8:16 a.m.5 views

CVE-2022-1298

The Tabs WordPress plugin before 2.2.8 does not sanitise and escape Tab descriptions, which could allow high privileged users with a role as low as editor to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...

4.8CVSS5.5AI score0.00565EPSS
Exploits2References2
Prion
Prion
added 2022/05/23 8:16 a.m.18 views

Cross site scripting

The Tabs WordPress plugin before 2.2.8 does not sanitise and escape Tab descriptions, which could allow high privileged users with a role as low as editor to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...

3.5CVSS4.7AI score0.00565EPSS
Exploits2References1Affected Software1
Rows per page
Query Builder