Lucene search
K

91 matches found

WPVulnDB
WPVulnDB
added 2017/09/27 12:0 a.m.37 views

WordPress 4.2.3-4.8.1 - Authenticated Cross-Site Scripting (XSS) in Visual Editor

Description A cross-site scripting XSS vulnerability was discovered in the visual editor. Reported by Rodolfo Assis @brutelogic of Sucuri Security...

6.1CVSS6.3AI score0.02657EPSS
Exploits0References3
Prion
Prion
added 2017/09/23 8:29 p.m.15 views

Cross site scripting

Before version 4.8.2, WordPress was vulnerable to a cross-site scripting attack via shortcodes in the TinyMCE visual editor...

4.3CVSS6AI score0.02657EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2017/09/23 8:29 p.m.2 views

DEBIAN-CVE-2017-14726

Before version 4.8.2, WordPress was vulnerable to a cross-site scripting attack via shortcodes in the TinyMCE visual editor...

6.1CVSS6.3AI score0.02657EPSS
Exploits0References1
CVE
CVE
added 2017/09/23 8:0 p.m.317 views

CVE-2017-14726

CVE-2017-14726 affects WordPress up to version 4.8.1; a cross-site scripting (XSS) vulnerability exists through shortcodes in the TinyMCE visual editor. Exploitation could occur in contexts where crafted shortcodes are processed by the editor, enabling an attacker to inject arbitrary HTML/JavaScr...

6.1CVSS6.2AI score0.02657EPSS
In wildExploits0References6Affected Software1
ATTACKERKB
ATTACKERKB
added 2017/09/23 12:0 a.m.55 views

CVE-2017-14726

Before version 4.8.2, WordPress was vulnerable to a cross-site scripting attack via shortcodes in the TinyMCE visual editor. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...

6.1CVSS3.8AI score0.02657EPSS
In wildExploits0References7
CNVD
CNVD
added 2017/09/21 12:0 a.m.3 views

WordPress Visual Editor Cross-Site Scripting Vulnerability

WordPress is a set of WordPress Software Foundation's blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in the WordPress visual editor. A remote attacker can exploit this vulnerability ...

6.1AI score
Exploits0References1
Patchstack
Patchstack
added 2017/09/19 12:0 a.m.11 views

WordPress <=4.8.1 - Cross-Site Scripting (XSS) vulnerability (visual editor)

Cross-Site Scripting XSS vulnerability found by Rodolfo Assis in WordPress visual editor version 4.8.1 and earlier versions. Solution Update the WordPress to the latest available version at least 4.8.2...

1.7AI score
Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2015/05/08 12:0 a.m.15 views

FreeBSD : wordpress -- 2 XSS vulnerabilities (d86890da-f498-11e4-99aa-bcaec565249c)

Samuel Sidler reports : The Genericons icon font package, which is used in a number of popular themes and plugins, contained an HTML file vulnerable to a cross-site scripting attack. All affected themes and plugins hosted on WordPress.org including the Twenty Fifteen default theme have been updat...

5.4AI score
Exploits0References2
FreeBSD
FreeBSD
added 2015/05/07 12:0 a.m.11 views

wordpress -- 2 cross-site scripting vulnerabilities

Samuel Sidler reports: The Genericons icon font package, which is used in a number of popular themes and plugins, contained an HTML file vulnerable to a cross-site scripting attack. All affected themes and plugins hosted on WordPress.org including the Twenty Fifteen default theme have been update...

6.6AI score
Exploits0References1
securityvulns
securityvulns
added 2012/04/23 12:0 a.m.51 views

idev Game Site CMS v1.0 - Multiple Web Vulnerabilites

Title: ====== idev Game Site CMS v1.0 - Multiple Web Vulnerabilites Date: ===== 2012-04-08 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=494 VL-ID: ===== 494 Introduction: ============= Start your own Flash web game website. Search engine optimized. Embed your Adsense...

0.7AI score
Exploits0
myhack58
myhack58
added 2010/09/18 12:0 a.m.46 views

Kindeditor traverse the directory 0DAY-vulnerability warning-the black bar safety net

Author: sub - ↘meter Version: 3.4.2 Description: KindEditor is an open source HTML visual editor, mainly used to allow users on the site to get WYSIWYG editing effects, compatible with IE, Firefox, Chrome, Safari, Opera and other mainstream browser. KindEditor using JavaScript, you can seamlessly...

6.9AI score
Exploits0
Rows per page
Query Builder