Lucene search
K

8 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 10:30 a.m.11 views

CVE-2024-6926

The Viral Signup WordPress plugin through 2.1 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection...

9.8CVSS7.2AI score0.03292EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 10:28 a.m.10 views

CVE-2024-6927

The Viral Signup WordPress plugin through 2.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

4.8CVSS5.7AI score0.00351EPSS
Exploits1References1
OSV
OSV
added 2024/09/04 6:15 a.m.5 views

CVE-2024-6926

The Viral Signup WordPress plugin through 2.1 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection...

9.8CVSS5.8AI score0.03292EPSS
Exploits1References1
CNNVD
CNNVD
added 2024/09/04 12:0 a.m.4 views

WordPress plugin Viral Signup 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

9.8CVSS7.6AI score0.03292EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2024/09/03 12:0 a.m.11 views

PT-2024-37964 · WordPress · Viral Signup

Name of the Vulnerable Software and Affected Versions: Viral Signup WordPress plugin versions 2.1 and earlier Description: The issue arises from the plugin's failure to properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated user...

9.8CVSS7.3AI score0.03292EPSS
Exploits1References8
Patchstack
Patchstack
added 2024/08/29 12:23 p.m.7 views

WordPress Viral Signup plugin <= 2.1 - Admin+ Stored XSS vulnerability

Admin+ Stored XSS vulnerability discovered by Bob Matyas in WordPress Plugin Viral Signup versions = 2.1...

4.8CVSS6.1AI score0.00351EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2024/08/29 11:15 a.m.6 views

CVE-2024-6927

The Viral Signup WordPress plugin through 2.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

4.8CVSS5.8AI score0.00351EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2024/08/28 12:0 a.m.7 views

PT-2024-37965 · WordPress · Viral Signup

Name of the Vulnerable Software and Affected Versions: Viral Signup WordPress plugin versions 2.1 and earlier Description: The issue concerns the Viral Signup WordPress plugin, which does not properly sanitise and escape some of its settings. This could allow high-privilege users, such as...

4.8CVSS5.6AI score0.00351EPSS
Exploits1References8
Rows per page
Query Builder