Lucene search
K

10 matches found

NVD
NVD
added 2026/04/01 4:17 a.m.9 views

CVE-2026-5252

A security flaw has been discovered in z-9527 admin 1.0/2.0. Affected is an unknown function of the file /server/routes/message.js of the component Message Create Endpoint. Performing a manipulation results in cross site scripting. The attack can be initiated remotely. The exploit has been releas...

5.1CVSS0.00273EPSS
Exploits1References4
CNNVD
CNNVD
added 2025/11/11 12:0 a.m.6 views

WordPress plugin Coon Google Maps 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. WordPress Coon Maps plugin suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering and escaping of user-supplied data,...

6.4CVSS5.8AI score0.00193EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/02/14 12:0 a.m.4 views

WordPress plugin Add custom content after post 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site scripting vulnerability exists in...

7.1CVSS7.6AI score0.00285EPSS
Exploits0References2
Patchstack
Patchstack
added 2025/01/16 6:41 p.m.5 views

WordPress WP FPO plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro Soares de Alcântara Kinorth in WordPress Plugin WP FPO versions = 1.0...

7.1CVSS6.1AI score0.00262EPSS
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2024/11/19 12:0 a.m.5 views

PT-2024-34980 · Unknown · Best Bootstrap Widgets For Elementor

Name of the Vulnerable Software and Affected Versions: Best Bootstrap Widgets for Elementor versions 1.0 and earlier Description: The issue is related to improper neutralization of input during web page generation, which allows for DOM-Based Cross-site Scripting XSS attacks. This means an attacke...

6.5CVSS6.3AI score0.00361EPSS
Exploits0References5
Patchstack
Patchstack
added 2024/11/15 9:43 p.m.7 views

WordPress PJW Mime Config plugin <= 1.0 - Authenticated (Author+) Stored Cross-Site Scripting vulnerability

Authenticated Author+ Stored Cross-Site Scripting vulnerability discovered by Francesco Carlucci in WordPress Plugin PJW Mime Config versions = 1.0...

6.4CVSS5.7AI score0.0032EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2024/11/09 12:0 a.m.1 views

PT-2024-34759 · Unknown · Awesomepress

Name of the Vulnerable Software and Affected Versions: AwesomePress versions 1.0 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Stored XSS attacks. Recommendations: For versions...

6.5CVSS5.8AI score0.00224EPSS
Exploits0References5
CNNVD
CNNVD
added 2023/01/02 12:0 a.m.6 views

WordPress plugin Qe SEO Handyman SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A SQL injection vulnerability exists in...

7.2CVSS7.3AI score0.01096EPSS
Exploits2References3
CNNVD
CNNVD
added 2023/01/02 12:0 a.m.6 views

WordPress plugin Qe SEO Handyman SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A SQL injection vulnerability exists in...

7.2CVSS7.3AI score0.00983EPSS
Exploits2References3
Positive Technologies
Positive Technologies
added 2022/01/10 12:0 a.m.5 views

PT-2022-12285 · Unknown · Laundry Booking Management System

Name of the Vulnerable Software and Affected Versions: Laundry Booking Management System versions 1.0 and earlier Description: The issue is related to a remote code execution RCE vulnerability. It affects the profile.php file through the image parameter, allowing the execution of a webshell...

9.8CVSS8.2AI score0.0301EPSS
Exploits1References5
Rows per page
Query Builder