Lucene search
K

24 matches found

Patchstack
Patchstack
added 2025/12/31 12:0 a.m.6 views

WordPress Team Rosters plugin <= 4.7 - Reflected Cross-Site Scripting via 'tab' vulnerability

Reflected Cross-Site Scripting via 'tab' vulnerability discovered by vgo0 in WordPress Plugin Team Rosters versions = 4.7...

6.1CVSS5.4AI score0.00317EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-14723

Malicious code in bioql PyPI...

7.1CVSS7.6AI score0.00208EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-46007

Malicious code in bioql PyPI...

9.8CVSS8.7AI score0.00541EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/04/05 2:25 p.m.8 views

CVE-2025-31905

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Mark O'Donnell Team Rosters team-rosters allows Reflected XSS.This issue affects Team Rosters: from n/a through = 4.7...

7.1CVSS7.2AI score0.00208EPSS
Exploits0References1
NVD
NVD
added 2025/04/03 2:15 p.m.8 views

CVE-2025-31905

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Mark O'Donnell Team Rosters team-rosters allows Reflected XSS.This issue affects Team Rosters: from n/a through = 4.7...

7.1CVSS0.00208EPSS
Exploits0References1
CVE
CVE
added 2025/04/03 1:27 p.m.45 views

CVE-2025-31905

CVE-2025-31905 is a Reflected XSS in the WordPress plugin Team Rosters (NotFound) affecting versions up to and including 4.7 . The issue is caused by improper input neutralization during web page generation. Exploitation status or exact payloads are not detailed in the provided documents. No reme...

7.1CVSS7.2AI score0.00208EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/04/03 1:27 p.m.19 views

CVE-2025-31905 WordPress Team Rosters Plugin <= 4.7 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Mark O'Donnell Team Rosters team-rosters allows Reflected XSS.This issue affects Team Rosters: from n/a through = 4.7...

7.1CVSS0.00208EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/04/03 1:27 p.m.14 views

CVE-2025-31905 WordPress Team Rosters Plugin <= 4.7 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in NotFound Team Rosters allows Reflected XSS. This issue affects Team Rosters: from n/a through 4.7...

7.1CVSS7.1AI score0.00208EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/04/03 12:0 a.m.4 views

WordPress plugin Team Rosters 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

7.1CVSS6.9AI score0.00208EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/04/03 12:0 a.m.4 views

PT-2025-14752 · Unknown · Notfound Team Rosters

Name of the Vulnerable Software and Affected Versions: NotFound Team Rosters versions n/a through 4.7 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Reflected XSS. This means that an attacker can...

7.1CVSS7.2AI score0.00208EPSS
Exploits0References6
Patchstack
Patchstack
added 2025/04/02 1:46 p.m.7 views

WordPress Team Rosters Plugin <= 4.7 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by 0xd4rk5id3 in WordPress Plugin Team Rosters versions = 4.7...

7.1CVSS6.9AI score0.00208EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2025/02/05 12:25 p.m.7 views

CVE-2024-52439

Deserialization of Untrusted Data vulnerability in Mark O'Donnell Team Rosters team-rosters allows Object Injection.This issue affects Team Rosters: from n/a through = 4.8.2...

9.8CVSS7.2AI score0.00541EPSS
Exploits0References1
OSV
OSV
added 2025/01/30 2:15 p.m.3 views

CVE-2024-12320

The Team Rosters plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘tab’ parameter in all versions up to, and including, 4.7 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts ...

6.1CVSS5.9AI score0.00317EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/01/30 1:42 p.m.17 views

CVE-2024-12320 Team Rosters <= 4.7 - Reflected Cross-Site Scripting via 'tab'

The Team Rosters plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘tab’ parameter in all versions up to, and including, 4.7 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts ...

6.1CVSS0.00317EPSS
Exploits0References4
CVE
CVE
added 2025/01/30 1:42 p.m.49 views

CVE-2024-12320

CVE-2024-12320 refers to a Reflected Cross-Site Scripting vulnerability in the WordPress plugin Team Rosters (versions up to 4.7). The issue arises from insufficient input sanitization and output escaping in the tab parameter, enabling unauthenticated attackers to inject web scripts into pages th...

6.1CVSS6AI score0.00317EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2025/01/30 12:0 a.m.6 views

PT-2025-1813 · WordPress · Team Rosters

Name of the Vulnerable Software and Affected Versions: Team Rosters plugin for WordPress versions up to, and including, 4.7 Description: The issue is related to Reflected Cross-Site Scripting via the tab parameter due to insufficient input sanitization and output escaping. This allows...

6.1CVSS8.7AI score0.00317EPSS
Exploits0References7
CNNVD
CNNVD
added 2025/01/30 12:0 a.m.5 views

WordPress plugin Team Rosters 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

6.1CVSS8.2AI score0.00317EPSS
Exploits0References3
NVD
NVD
added 2024/11/20 12:15 p.m.18 views

CVE-2024-52439

Deserialization of Untrusted Data vulnerability in Mark O'Donnell Team Rosters team-rosters allows Object Injection.This issue affects Team Rosters: from n/a through = 4.8.2...

9.8CVSS0.00541EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/11/20 11:27 a.m.28 views

CVE-2024-52439 WordPress Team Rosters plugin <= 4.8.2 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in Mark O'Donnell Team Rosters team-rosters allows Object Injection.This issue affects Team Rosters: from n/a through = 4.8.2...

9.8CVSS0.00541EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/11/20 11:27 a.m.14 views

CVE-2024-52439 WordPress Team Rosters plugin <= 4.6 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in Mark O’Donnell Team Rosters allows Object Injection.This issue affects Team Rosters: from n/a through 4.6...

9.8CVSS6.9AI score0.00541EPSS
Exploits0References1
Rows per page
Query Builder