Lucene search
K

67 matches found

Positive Technologies
Positive Technologies
added 2024/12/07 12:0 a.m.5 views

PT-2024-17522 · WordPress · Beautiful Taxonomy Filters

Name of the Vulnerable Software and Affected Versions: The Beautiful taxonomy filters plugin for WordPress versions up to, and including, 2.4.3 Description: The issue is related to SQL Injection via the selects0term parameter due to insufficient escaping on the user-supplied parameter and lack of...

7.5CVSS8.1AI score0.03556EPSS
Exploits1References9
ATTACKERKB
ATTACKERKB
added 2024/10/16 8:15 a.m.2 views

CVE-2023-7295

The Video Grid plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the searchterm parameter in versions up to, and including, 1.21 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts ...

6.1CVSS5.6AI score0.00291EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/10/16 12:0 a.m.3 views

WordPress plugin Video Grid 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

6.1CVSS6.1AI score0.00291EPSS
Exploits0References2
OSV
OSV
added 2023/06/09 6:16 a.m.3 views

CVE-2023-2289

The wordpress vertical image slider plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘searchterm’ parameter in versions up to, and including, 1.2.16 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inje...

6.1CVSS7.4AI score0.00433EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2023/06/09 6:16 a.m.2 views

CVE-2023-2289

The wordpress vertical image slider plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘searchterm’ parameter in versions up to, and including, 1.2.16 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inje...

6.1CVSS6AI score0.00433EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2023/06/09 6:16 a.m.1 views

CVE-2023-2402

The Photo Gallery Slideshow & Masonry Tiled Gallery plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the searchterm parameter in versions up to, and including, 1.0.13 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated...

6.1CVSS7AI score0.00433EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2023/06/09 6:16 a.m.4 views

CVE-2023-2184

The WP Responsive Tabs horizontal vertical and accordion Tabs plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the searchterm parameter in versions up to, and including, 1.1.15 due to insufficient input sanitization and output escaping. This makes it possible for...

6.1CVSS7.4AI score0.00433EPSS
Exploits0References3
OSV
OSV
added 2023/06/09 6:16 a.m.4 views

CVE-2023-2184

The WP Responsive Tabs horizontal vertical and accordion Tabs plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the searchterm parameter in versions up to, and including, 1.1.15 due to insufficient input sanitization and output escaping. This makes it possible for...

6.1CVSS6AI score0.00433EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/06/09 12:0 a.m.6 views

PT-2023-19363 · WordPress · The Photo Gallery Slideshow & Masonry Tiled Gallery

Name of the Vulnerable Software and Affected Versions: The Photo Gallery Slideshow & Masonry Tiled Gallery plugin for WordPress versions up to, and including, 1.0.13 Description: The issue arises from insufficient input sanitization and output escaping, making it possible for unauthenticated...

6.1CVSS6.7AI score0.00433EPSS
Exploits0References4
CNNVD
CNNVD
added 2023/06/09 12:0 a.m.4 views

WordPress Plugin Team Circle Image Slider With Lightbox 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

6.1CVSS7AI score0.00433EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2023/05/16 3:15 a.m.3 views

CVE-2023-2710

The video carousel slider with lightbox plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the searchterm parameter in versions up to, and including, 1.0.22 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to...

6.1CVSS7AI score0.00612EPSS
Exploits0References4
OSV
OSV
added 2023/04/18 2:15 a.m.5 views

CVE-2023-2120

The Thumbnail carousel slider plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the searchterm parameter in versions up to, and including, 1.1.9 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...

6.1CVSS6AI score0.00609EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2023/04/18 2:15 a.m.1 views

CVE-2023-2120

The Thumbnail carousel slider plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the searchterm parameter in versions up to, and including, 1.1.9 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...

6.1CVSS7AI score0.00609EPSS
Exploits0References4
OSV
OSV
added 2023/04/18 2:15 a.m.3 views

CVE-2023-2119

The Responsive Filterable Portfolio plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the searchterm parameter in versions up to, and including, 1.0.19 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...

6.1CVSS7AI score
Exploits0References3
OSV
OSV
added 2022/09/23 10:15 p.m.3 views

CVE-2022-40119

Online Banking System v1.0 was discovered to contain a SQL injection vulnerability via the searchterm parameter at /net-banking/transactions.php...

9.8CVSS5.8AI score
Exploits0References2
OSV
OSV
added 2022/09/23 10:15 p.m.4 views

CVE-2022-40120

Online Banking System v1.0 was discovered to contain a SQL injection vulnerability via the searchterm parameter at /net-banking/customertransactions.php...

9.8CVSS5.8AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 2022/09/23 12:0 a.m.6 views

PT-2022-25222 · Unknown · Online Banking System

Name of the Vulnerable Software and Affected Versions: Online Banking System version 1.0 Description: The issue is related to a SQL injection vulnerability. It can be exploited via the search term parameter at the "/net-banking/transactions.php" API endpoint. Recommendations: For Online Banking...

9.8CVSS9.6AI score0.00819EPSS
Exploits1References4
CNNVD
CNNVD
added 2022/09/23 12:0 a.m.2 views

Online Banking System SQL注入漏洞

Online Banking System is an online banking system developed using PHP and MySQL. v1.0 of Online Banking System contains a security vulnerability that originates in the searchterm parameter in the /net-banking/transactions.php location. injection issue in the searchterm parameter at...

9.8CVSS7.3AI score0.00819EPSS
Exploits1References3
OSV
OSV
added 2022/02/01 1:15 p.m.26 views

CVE-2021-45416

Reflected Cross-site scripting XSS vulnerability in RosarioSIS 8.2.1 allows attackers to inject arbitrary HTML via the searchterm parameter in the modules/Scheduling/Courses.php script...

6.1CVSS6AI score0.03002EPSS
Exploits2References2
Cvelist
Cvelist
added 2022/02/01 12:44 p.m.41 views

CVE-2021-45416

Reflected Cross-site scripting XSS vulnerability in RosarioSIS 8.2.1 allows attackers to inject arbitrary HTML via the searchterm parameter in the modules/Scheduling/Courses.php script...

6.2AI score0.03002EPSS
Exploits2References1
Rows per page
Query Builder