Lucene search
+L

4 matches found

NVD
NVD
added 2026/03/05 9:16 p.m.12 views

CVE-2026-28405

MarkUs is a web application for the submission and grading of student assignments. Prior to version 2.9.1, the courses//assignments//submissions/htmlcontent route reads the contents of a student-submitted file and renders them without sanitization. This issue has been patched in version 2.9.1...

8CVSS0.00223EPSS
Exploits0References3
EUVD
EUVD
added 2025/11/06 8:26 a.m.4 views

EUVD-2025-37981

The Strong Testimonials plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 3.2.16. This is due to the software allowing users to submit a testimonial in which a value is not properly validated or sanitized prior to being passed to a doshortco...

4.3CVSS6.2AI score0.00262EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/07/30 12:0 a.m.5 views

PT-2024-37324 · WordPress · Donation Block For Paypal

Name of the Vulnerable Software and Affected Versions: The Donation Block For PayPal WordPress plugin versions through 2.1.0 Description: The issue is related to a stored cross-site scripting problem. This occurs because the plugin does not properly sanitise and escape form submissions...

6.8CVSS5.6AI score0.00447EPSS
Exploits1References4
OSV
OSV
added 2024/06/04 6:15 a.m.4 views

CVE-2024-4857

The FS Product Inquiry WordPress plugin through 1.1.1 does not sanitise and escape some form submissions, which could allow unauthenticated users to perform Stored Cross-Site Scripting attacks...

6.1CVSS5.8AI score
Exploits0References1
Rows per page
Query Builder