Lucene search
K

41 matches found

CVE
CVE
added 2023/11/09 8:25 p.m.43 views

CVE-2023-34031

CVE-2023-34031 describes a Cross-Site Request Forgery (CSRF) in the WordPress plugin bbPress Toolkit by Pascal Casier, affecting versions up to and including 1.0.12 . The vulnerability is unauthenticated and can be triggered when a user interacts with a crafted request, potentially allowing an at...

8.8CVSS8.9AI score0.00312EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2023/11/09 12:0 a.m.3 views

PT-2023-24647 · Pascal Casier · Bbpress Toolkit Plugin

Name of the Vulnerable Software and Affected Versions: Pascal Casier bbPress Toolkit plugin versions 1.0.12 and earlier Description: The issue is a Cross-Site Request Forgery CSRF vulnerability. This means an attacker can trick a user into performing unintended actions on a web application that t...

8.8CVSS8.9AI score0.00312EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2023/10/18 12:27 p.m.22 views

CVE-2023-45065 WordPress Bulk NoIndex & NoFollow Toolkit Plugin <= 1.42 is vulnerable to Cross Site Scripting (XSS)

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Mad Fish Digital Bulk NoIndex & NoFollow Toolkit plugin = 1.42 versions...

7.1CVSS5.8AI score0.00331EPSS
Exploits0References1
Patchstack
Patchstack
added 2023/09/04 12:0 a.m.9 views

WordPress Bulk NoIndex & NoFollow Toolkit Plugin <= 1.5 is vulnerable to Broken Access Control

Software Bulk NoIndex & NoFollow Toolkit Type Plugin Vulnerable versions = 1.5 Fixed in 1.51 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-41688 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 59bc5cc02f90 Credits Skalucy Required...

6.6AI score0.00461EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2023/08/30 2:19 p.m.13 views

CVE-2023-34032 WordPress bbPress Toolkit Plugin <= 1.0.12 is vulnerable to Cross Site Scripting (XSS)

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Pascal Casier bbPress Toolkit plugin = 1.0.12 versions...

7.1CVSS5.9AI score0.00454EPSS
Exploits1References1
CVE
CVE
added 2023/08/30 2:19 p.m.51 views

CVE-2023-34032

CVE-2023-34032 is an unauthenticated reflected cross-site scripting (XSS) vulnerability in the bbPress Toolkit WordPress plugin, affecting versions ≤ 1.0.12. The underlying issue is an XSS flaw in the plugin’s handling of input, allowing malicious script injection that could affect site visitors....

7.1CVSS6AI score0.00454EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2023/08/30 2:19 p.m.34 views

CVE-2023-34032 WordPress bbPress Toolkit Plugin <= 1.0.12 is vulnerable to Cross Site Scripting (XSS)

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Pascal Casier bbPress Toolkit plugin = 1.0.12 versions...

7.1CVSS6.3AI score0.00454EPSS
Exploits1References1
NVD
NVD
added 2023/05/26 12:15 p.m.15 views

CVE-2023-23714

Cross-Site Request Forgery CSRF vulnerability in Uncanny Owl Uncanny Toolkit for LearnDash plugin = 3.6.4.1 versions...

8.8CVSS5.9AI score0.00271EPSS
Exploits0References1
NVD
NVD
added 2023/05/10 8:15 a.m.24 views

CVE-2023-23786

Auth. editor+ Stored Cross-Site Scripting XSS vulnerability in Christof Servit affiliate-toolkit plugin = 3.3.3 versions...

5.9CVSS5.4AI score0.00358EPSS
Exploits0References1
CVE
CVE
added 2023/05/10 7:19 a.m.36 views

CVE-2023-23786

CVE-2023-23786 concerns the WordPress affiliate-toolkit plugin from Christof Servit, with a Stored XSS issue exploitable by users with Editor+ permissions in versions

5.9CVSS5.2AI score0.00358EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2023/03/23 2:15 p.m.26 views

CVE-2023-22712

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in TemplatesNext TemplatesNext ToolKit plugin = 3.2.7 versions...

6.5CVSS5.8AI score0.00383EPSS
Exploits0References1
Prion
Prion
added 2023/03/23 2:15 p.m.16 views

Cross site scripting

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in TemplatesNext TemplatesNext ToolKit plugin = 3.2.7 versions...

4.9CVSS5.2AI score0.00383EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/03/23 12:35 p.m.8 views

CVE-2023-22712 WordPress TemplatesNext ToolKit Plugin <= 3.2.7 is vulnerable to Cross Site Scripting (XSS)

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in TemplatesNext TemplatesNext ToolKit plugin = 3.2.7 versions...

6.5CVSS5.6AI score0.00383EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2023/02/15 6:2 a.m.8 views

SUSE CVE-2009-3865

The launch method in the Deployment Toolkit plugin in Java Runtime Environment JRE in Sun Java SE in JDK and JRE 6 before Update 17 allows remote attackers to execute arbitrary commands via a crafted web page, aka Bug Id 6869752...

9.3CVSS7.6AI score0.09401EPSS
Exploits2References6
Patchstack
Patchstack
added 2022/02/28 12:0 a.m.12 views

WordPress WooCommerce Store Toolkit plugin < 2.3.4 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress WooCommerce Store Toolkit plugin versions 2.3.4. Solution Update the WordPress WooCommerce Store Toolkit plugin to the latest available version at least 2.3.4...

2.3AI score
Exploits0References2Affected Software1
Kitploit
Kitploit
added 2015/01/20 2:1 p.m.71 views

ProGuard - Java class file Shrinker, Optimizer, Obfuscator and Preverifier

ProGuard is a free Java class file shrinker, optimizer, obfuscator, and preverifier. It detects and removes unused classes, fields, methods, and attributes. It optimizes bytecode and removes unused instructions. It renames the remaining classes, fields, and methods using short meaningless names...

7.2AI score
Exploits0
Cvelist
Cvelist
added 2013/10/25 2:0 p.m.32 views

CVE-2013-6280

Cross-site scripting XSS vulnerability in Social Sharing Toolkit plugin before 2.1.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

5.8AI score0.01602EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2009/12/23 5:33 p.m.8 views

java-1.6.0-sun: ACE in JRE Deployment Toolkit (6869752)

The launch method in the Deployment Toolkit plugin in Java Runtime Environment JRE in Sun Java SE in JDK and JRE 6 before Update 17 allows remote attackers to execute arbitrary commands via a crafted web page, aka Bug Id 6869752...

9.3CVSS6.2AI score0.09401EPSS
Exploits2References4
Tenable Nessus
Tenable Nessus
added 2009/11/19 12:0 a.m.45 views

openSUSE Security Update : java-1_6_0-sun (java-1_6_0-sun-1541)

The Sun Java 6 SDK/JRE was updated to u17 update fixing bugs and various security issues : CVE-2009-3866:The Java Web Start Installer in Sun Java SE in JDK and JRE 6 before Update 17 does not properly use security model permissions when removing installer extensions, which allows remote attackers...

9.3CVSS6.6AI score0.73376EPSS
Exploits20References14
UbuntuCve
UbuntuCve
added 2009/11/05 4:30 p.m.21 views

CVE-2009-3865

The launch method in the Deployment Toolkit plugin in Java Runtime Environment JRE in Sun Java SE in JDK and JRE 6 before Update 17 allows remote attackers to execute arbitrary commands via a crafted web page, aka Bug Id 6869752...

9.3CVSS6.1AI score0.09401EPSS
Exploits2References3
Rows per page
Query Builder