CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Cross-Site Request Forgery CSRF vulnerability in Haoqisir Baidu Tongji generator allows Stored XSS.This issue affects Baidu Tongji generator: from n/a through 1.0.2...

7.1CVSS7.1AI score0.00061EPSS

Exploits0References1

OSV•added 2023/11/13 6:15 p.m.•0 views

CVE-2023-31230

Cross-Site Request Forgery CSRF vulnerability in Haoqisir Baidu Tongji generator allows Stored XSS.This issue affects Baidu Tongji generator: from n/a through 1.0.2...

6.1CVSS7.3AI score

Exploits0References1

NVD•added 2023/11/13 6:15 p.m.•17 views

CVE-2023-31230

Cross-Site Request Forgery CSRF vulnerability in Haoqisir Baidu Tongji generator allows Stored XSS.This issue affects Baidu Tongji generator: from n/a through 1.0.2...

7.1CVSS0.00061EPSS

Exploits0References1

Prion•added 2023/11/13 6:15 p.m.•25 views

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in Haoqisir Baidu Tongji generator allows Stored XSS.This issue affects Baidu Tongji generator: from n/a through 1.0.2...

5.8CVSS7.1AI score0.00061EPSS

Exploits0References1Affected Software1

CVE•added 2023/11/13 5:26 p.m.•48 views

CVE-2023-31230

CVE-2023-31230 is a CSRF vulnerability in the WordPress plugin Baidu Tongji generator (versions n/a through 1.0.2) that allows Stored XSS. The issue arises from Cross-Site Request Forgery in the plugin, enabling an attacker to induce stored script execution in the context of an authenticated user...

7.1CVSS7.1AI score0.00061EPSS

Exploits0References1Affected Software1

Cvelist•added 2023/11/13 5:26 p.m.•22 views

CVE-2023-31230 WordPress Baidu Tongji generator Plugin <= 1.0.2 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in Haoqisir Baidu Tongji generator allows Stored XSS.This issue affects Baidu Tongji generator: from n/a through 1.0.2...

7.1CVSS7AI score0.00061EPSS

Exploits0References1

Positive Technologies•added 2023/11/13 12:0 a.m.•3 views

PT-2023-23252 · Baidu · Baidu Tongji Generator

Name of the Vulnerable Software and Affected Versions: Baidu Tongji generator versions n/a through 1.0.2 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability that allows Stored XSS in the Haoqisir Baidu Tongji generator. Recommendations: For versions n/a through 1.0.2, as a...

7.1CVSS6.7AI score0.00061EPSS

Exploits0References3

CNNVD•added 2023/11/13 12:0 a.m.•1 views

WordPress Plugin baidu-tongji-generator Cross-Site Request Forgery Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...

7.1CVSS6.5AI score0.00061EPSS

Exploits0References2

Patchstack•added 2023/07/04 12:0 a.m.•9 views

WordPress Baidu Tongji generator Plugin <= 1.0.2 is vulnerable to Cross Site Request Forgery (CSRF)

Software Baidu Tongji generator Type Plugin Vulnerable versions = 1.0.2 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-31230 Patch priority Low CVSS severity Low 7.1 Developer Claim ownership PSID 0cad143773c8 Credits LEE SE HYOUNG...

7.1CVSS6.6AI score0.00061EPSS

Exploits0References1Affected Software1

NVD•added 2023/05/18 10:15 a.m.•12 views

CVE-2023-31233

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Haoqisir Baidu Tongji generator plugin = 1.0.2 versions...

5.9CVSS5.4AI score0.00207EPSS

Exploits0References1

Cvelist•added 2023/05/18 9:30 a.m.•17 views

CVE-2023-31233 WordPress Baidu Tongji generator Plugin <= 1.0.2 is vulnerable to Cross Site Scripting (XSS)

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Haoqisir Baidu Tongji generator plugin = 1.0.2 versions...

5.9CVSS5.5AI score0.00207EPSS

Exploits0References1

CVE•added 2023/05/18 9:30 a.m.•35 views

CVE-2023-31233

CVE-2023-31233 affects the Baidu Tongji generator WordPress plugin (

5.9CVSS5.1AI score0.00207EPSS

Exploits0References1Affected Software1

Patchstack•added 2023/05/18 12:0 a.m.•11 views

WordPress Baidu Tongji generator Plugin <= 1.0.2 is vulnerable to Cross Site Scripting (XSS)

Software Baidu Tongji generator Type Plugin Vulnerable versions = 1.0.2 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-31233 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID fe808ce03ac6 Credits LEE SE HYOUNG...

5.9CVSS5.7AI score0.00207EPSS

Exploits0References1Affected Software1

WPVulnDB•added 2023/05/18 12:0 a.m.•21 views

Baidu Tongji generator <= 1.0.2 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS5.7AI score0.00207EPSS

Exploits0Affected Software1

CNNVD•added 2023/05/18 12:0 a.m.•2 views

WordPress plugin Baidu Tongji generator 跨站脚本漏洞

5.9CVSS6.3AI score0.00207EPSS

Exploits0References2

NVD•added 2022/02/19 12:15 a.m.•11 views

CVE-2021-44302

BaiCloud-cms v2.5.7 was discovered to contain multiple SQL injection vulnerabilities via the tongji and baidumap parameters in /user/ztconfig.php...

8.8CVSS0.00257EPSS

Exploits1References1

Rows per page