Lucene search
+L

288 matches found

Patchstack
Patchstack
added 2024/08/16 12:19 p.m.6 views

WordPress Stripe Payments For WooCommerce plugin <= 1.9.1 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin Stripe Payments For WooCommerce by Checkout versions = 1.9.1...

4.3CVSS7AI score0.00172EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/08/12 12:0 a.m.12 views

WordPress WP Bannerize Pro Plugin <= 1.9.0 is vulnerable to Cross Site Scripting (XSS)

Software WP Bannerize Pro Type Plugin Vulnerable versions = 1.9.0 Fixed in 1.9.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-7388 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID e13c4b78a18d Credits Nguyễn Trung Kiên...

4CVSS5.8AI score0.00246EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2024/08/12 12:0 a.m.5 views

WordPress plugin Linkify Text 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

5.3CVSS6.5AI score0.00482EPSS
Exploits0References3
Patchstack
Patchstack
added 2024/08/09 12:32 a.m.6 views

WordPress Linkify Text plugin <= 1.9.1 - Unauthenticated Full Path Disclosure vulnerability

Unauthenticated Full Path Disclosure vulnerability discovered by stealthcopter in WordPress Plugin Linkify Text versions = 1.9.1...

5.3CVSS7AI score0.00482EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2024/08/09 12:0 a.m.5 views

PT-2024-38312 · WordPress · Linkify Text

Name of the Vulnerable Software and Affected Versions: Linkify Text plugin for WordPress versions up to and including 1.9.1 Description: The issue is related to Full Path Disclosure, which occurs because the plugin uses bootstrap and leaves test files with display errors enabled. This allows...

5.3CVSS6.6AI score0.00482EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2024/07/08 12:0 a.m.14 views

ZNC < 1.9.1 RCE Vulnerability

ZNC is prone to a remote code execution RCE vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:znc:znc"; ifdescriptio...

9.8CVSS7.7AI score0.03862EPSS
Exploits0References1
OSV
OSV
added 2024/07/05 4:28 p.m.6 views

MGASA-2024-0257 Updated znc packages fix security vulnerability

In ZNC before 1.9.1, remote code execution can occur in modtcl via a KICK. CVE-2024-39844...

9.8CVSS9.8AI score0.03862EPSS
Exploits0References3
Patchstack
Patchstack
added 2024/05/23 9:37 a.m.5 views

WordPress Responsive Contact Form Builder & Lead Generation Plugin plugin <= 1.9.1 - Authenticated (Subscriber+) Arbitrary Shortcode Execution vulnerability

Authenticated Subscriber+ Arbitrary Shortcode Execution vulnerability discovered by stealthcopter in WordPress Plugin Contact Form & Lead Form Elementor Builder versions = 1.9.1...

5.4CVSS7.1AI score0.00326EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/05/23 12:0 a.m.17 views

WordPress Contact Form & Lead Form Elementor Builder Plugin <= 1.9.1 is vulnerable to Content Injection

Software Contact Form & Lead Form Elementor Builder Type Plugin Vulnerable versions = 1.9.1 Fixed in 1.9.2 OWASP Top 10 A3: Injection Classification Content Injection CVE CVE-2024-4261 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 5d051149eabf Credits stealthcopter...

5.4CVSS6.8AI score0.00326EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2024/05/22 12:0 a.m.10 views

PT-2024-30062 · WordPress · Responsive Contact Form Builder & Lead Generation Plugin

Name of the Vulnerable Software and Affected Versions: The Responsive Contact Form Builder & Lead Generation Plugin plugin for WordPress versions up to, and including, 1.9.1 Description: The issue arises from the software's failure to properly validate a value before executing the do shortcode...

5.4CVSS7AI score0.00326EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2024/05/08 12:0 a.m.11 views

PT-2024-25990 · Unknown · Wpsoul Table Maker

Name of the Vulnerable Software and Affected Versions: Wpsoul Table Maker versions 1.9.1 and earlier Description: The issue is related to improper neutralization of input during web page generation, which allows for stored cross-site scripting XSS. This means that an attacker can inject malicious...

5.9CVSS6.4AI score0.00338EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/05/08 12:0 a.m.8 views

WordPress plugin Table Maker 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

5.9CVSS6AI score0.00338EPSS
Exploits0References2
Patchstack
Patchstack
added 2024/05/07 11:35 a.m.6 views

WordPress Table Maker plugin <= 1.9.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by CatFather Patchstack Alliance in WordPress Plugin Table Maker versions = 1.9.1...

5.9CVSS6.1AI score0.00338EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/05/07 12:0 a.m.25 views

WordPress Table Maker Plugin <= 1.9.1 is vulnerable to Cross Site Scripting (XSS)

Software Table Maker Type Plugin Vulnerable versions = 1.9.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-34574 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 7c1bf395ed48 Credits CatFather Required privilege Author Publishe...

5.9CVSS6.6AI score0.00338EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/05/03 9:16 a.m.11 views

WordPress Gutenverse plugin < 1.9.1 - Contributor+ Stored XSS vulnerability

Contributor+ Stored XSS vulnerability discovered by Dmtirii Ignatyev in WordPress Plugin Gutenverse versions 1.9.1...

6.1CVSS6.1AI score0.00442EPSS
Exploits2References1Affected Software1
CNNVD
CNNVD
added 2024/05/03 12:0 a.m.4 views

WordPress plugin Gutenverse 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

6.1CVSS6.5AI score0.00442EPSS
Exploits2References2
CNNVD
CNNVD
added 2024/04/29 12:0 a.m.5 views

WordPress plugin Solid Affiliate 日志信息泄露漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A log information disclosu...

7.5CVSS6.2AI score0.00556EPSS
Exploits0References2
Patchstack
Patchstack
added 2024/04/11 9:13 a.m.9 views

WordPress Sync Post With Other Site plugin <= 1.9.1 - Cross Site Request Forgery (CSRF) to XSS vulnerability

Cross Site Request Forgery CSRF to XSS vulnerability discovered by Joshua Chan Patchstack Alliance in WordPress Plugin Sync Post With Other Site versions = 1.9.1...

7.1CVSS6.4AI score0.002EPSS
Exploits0Affected Software1
CVE
CVE
added 2024/03/31 6:30 p.m.69 views

CVE-2024-30541

CVE-2024-30541 is a CSRF vulnerability in LWS LWS Optimize, affecting versions up to 1.9.1. The connected Red Hat entry repeats the CSRF description and affected product, but the initial documents do not provide deeper root-cause analysis, confirmed impact details, or remediation specifics. Techn...

4.3CVSS8.5AI score0.002EPSS
Exploits0References1
OSV
OSV
added 2024/03/29 2:15 p.m.4 views

CVE-2022-47153

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPJobBoard Jobeleon Theme allows Reflected XSS.This issue affects Jobeleon Theme: from n/a through 1.9.1...

6.1CVSS5.8AI score
Exploits0References1
Rows per page
Query Builder