Lucene search
K

8 matches found

CNNVD
CNNVD
added 2024/09/25 12:0 a.m.4 views

WordPress plugin ShopLentor 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin... A cross-site scripting...

6.4CVSS5.8AI score0.0037EPSS
Exploits0References5
Patchstack
Patchstack
added 2024/04/19 1:39 p.m.7 views

WordPress RSS Feed Widget plugin <= 2.9.7 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Joshua Chan Patchstack Alliance in WordPress Plugin RSS Feed Widget versions = 2.9.7...

5.9CVSS6.1AI score0.00338EPSS
Exploits0Affected Software1
ATTACKERKB
ATTACKERKB
added 2023/08/28 9:15 p.m.4 views

CVE-2023-38969

Cross Site Scripting vulnerabiltiy in Badaso v.2.9.7 allows a remote attacker to execute arbitrary code via a crafted payload to the title parameter in the new book and edit book function...

5.4CVSS6.5AI score0.00589EPSS
Exploits1References3
Circl
Circl
added 2022/09/13 12:24 a.m.7 views

CVE-2022-2979

creationtimestamp| type| source ---|---|--- 2022-09-13 00:24:56+00:00| seen| https://t.me/cibsecurity/49614...

7.8CVSS7.5AI score0.00236EPSS
Exploits0References1
Circl
Circl
added 2022/06/21 6:27 p.m.8 views

CVE-2022-32974

creationtimestamp| type| source ---|---|--- 2022-06-21 18:27:49+00:00| seen| https://t.me/cibsecurity/44904...

6.5CVSS7.2AI score0.00704EPSS
Exploits0References1
Circl
Circl
added 2022/06/04 2:55 p.m.6 views

CVE-2022-29778

creationtimestamp| type| source ---|---|--- 2022-06-04 14:55:44+00:00| seen| https://t.me/cibsecurity/43834...

8.8CVSS7.2AI score0.02474EPSS
Exploits1References1
Circl
Circl
added 2022/05/26 4:14 p.m.7 views

CVE-2022-29721

creationtimestamp| type| source ---|---|--- 2022-05-26 16:14:08+00:00| seen| https://t.me/cibsecurity/43373...

7.5CVSS7.3AI score0.00991EPSS
Exploits1References1
RedHat Linux
RedHat Linux
added 2019/04/17 9:3 p.m.9 views

jackson-databind: server-side request forgery (SSRF) in axis2-jaxws class

FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to conduct server-side request forgery SSRF attacks by leveraging failure to block the axis2-jaxws class from polymorphic deserialization...

10CVSS7.4AI score0.10458EPSS
Exploits0References4
Rows per page
Query Builder