Lucene search
K

12 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 10:44 a.m.7 views

CVE-2022-0600

The Conference Scheduler WordPress plugin before 2.4.3 does not sanitize and escape the tab parameter before outputting back in an admin page, leading to a Reflected Cross-Site Scripting...

6.1CVSS6.5AI score0.00788EPSS
Exploits2References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2015-9189

Malware in sbrugna...

6.1CVSS6.3AI score0.00913EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-17535

Malicious code in bioql PyPI...

6.1CVSS7AI score0.00378EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2024-33340

Malicious code in bioql PyPI...

6.1CVSS8.7AI score0.00363EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/23 8:50 a.m.6 views

CVE-2024-6072

The wp-cart-for-digital-products WordPress plugin before 8.5.5 does not escape the $SERVER'REQUESTURI' parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old web browsers...

6.1CVSS6.2AI score0.00325EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:23 p.m.7 views

CVE-2021-24697

The Simple Download Monitor WordPress plugin before 3.9.5 does not escape the 1 sdmactivetab GET parameter and 2 sdmstatsstartdate/sdmstatsenddate POST parameters before outputting them back in attributes, leading to Reflected Cross-Site Scripting issues...

6.1CVSS6.2AI score0.008EPSS
Exploits2References1
Cvelist
Cvelist
added 2025/04/17 3:46 p.m.17 views

CVE-2025-39567 WordPress Web Directory Free plugin <= 1.7.8 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Shamalli Web Directory Free web-directory-free allows Reflected XSS.This issue affects Web Directory Free: from n/a through = 1.7.8...

7.1CVSS0.00208EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/04/10 8:9 a.m.5 views

CVE-2025-32116 WordPress QR Master plugin <= 1.0.5 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Studi7 QR Master allows Reflected XSS. This issue affects QR Master: from n/a through 1.0.5...

7.1CVSS6.9AI score0.00257EPSS
Exploits0References1
CVE
CVE
added 2025/03/05 9:21 a.m.42 views

CVE-2024-13839

The CVE-2024-13839 entry concerns the Staff Directory Plugin: Company Directory (WordPress). It describes a Reflected Cross-Site Scripting vulnerability caused by insufficient escaping in add_query_arg, affecting all versions up to 4.3. The impact is unauthenticated injection of web scripts in pa...

6.1CVSS6.5AI score0.00322EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/03/03 1:30 p.m.18 views

CVE-2025-23526 WordPress Swift Calendar Online Appointment Scheduling plugin <= 1.3.3 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in SwiftCloud Swift Calendar Online Appointment Scheduling online-appointment-scheduling-software allows Reflected XSS.This issue affects Swift Calendar Online Appointment Scheduling: from n/a through...

7.1CVSS0.00348EPSS
Exploits0References1
CVE
CVE
added 2025/02/13 6:0 a.m.76 views

CVE-2024-12586

CVE-2024-12586 affects Chalet-Montagne.com Tools WordPress plugin (

6.1CVSS6.1AI score0.0029EPSS
Exploits1References1Affected Software1
RedhatCVE
RedhatCVE
added 2025/02/09 6:24 a.m.9 views

CVE-2024-13352

The Legull WordPress plugin through 1.2.2 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

7.1CVSS8.6AI score0.00546EPSS
Exploits1References1
Rows per page
Query Builder