Lucene search
K

6 matches found

Patchstack
Patchstack
added 2026/01/07 11:31 a.m.7 views

WordPress Stumble! for WordPress plugin <= 1.1.1 - Reflected Cross-Site Scripting via $_SERVER['PHP_SELF'] vulnerability

Reflected Cross-Site Scripting via $SERVER'PHPSELF' vulnerability discovered by Abdulsamad Yusuf 0xVenus - Envorasec in WordPress Plugin Stumble! for WordPress versions = 1.1.1...

6.1CVSS6.2AI score0.00264EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/06/27 12:0 a.m.14 views

WordPress TrustedLogin Vendor Plugin < 1.1.1 is vulnerable to Sensitive Data Exposure

Software TrustedLogin Vendor Type Plugin Vulnerable versions 1.1.1 Fixed in 1.1.1 OWASP Top 10 A5: Security Misconfiguration Classification Sensitive Data Exposure CVE CVE-2024-37270 Patch priority Low CVSS severity Low 5.3 Developer TrustedLogin PSID d31d0f132840 Credits Dhabaleshwar Das Require...

5.3CVSS6.9AI score0.00418EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2023/10/23 12:0 a.m.4 views

Uvdesk Cross-Site Scripting Vulnerability

Uvdesk is a complete ticket support system open source by Uvdesk India. A security vulnerability exists in Uvdesk v1.1.1. An attacker exploits this vulnerability to execute arbitrary web script or HTML by injecting a specially crafted payload into the Message field when creating a ticket...

5.4CVSS6.8AI score0.00346EPSS
Exploits1References2
Patchstack
Patchstack
added 2023/05/31 12:0 a.m.13 views

WordPress CRM Perks Forms Plugin <= 1.1.1 is vulnerable to Cross Site Scripting (XSS)

Software CRM Perks Forms Type Plugin Vulnerable versions = 1.1.1 Fixed in 1.1.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-2836 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 82373127ce0e Credits Unknown Required privile...

4.8CVSS6AI score0.00604EPSS
Exploits2References3Affected Software1
vulnersOsv
vulnersOsv
added 2022/01/19 8:53 a.m.4 views

moleculer-rabbitmq-extend-delay (=1.1.12) potentially affected by CVE-2020-7715 +1 more via deep-get-set (=1.1.1)

deep-get-set NPM version =1.1.1 is affected by a known vulnerability. The following packages have a transitive dependency on deep-get-set and may be impacted: - moleculer-rabbitmq-extend-delay =1.1.12 Source cves: CVE-2020-7715, CVE-2022-21231 Source advisory: SNYK:JS-DEEPGETSET-2342655...

9.8CVSS7.2AI score0.01965EPSS
Exploits2
securityvulns
securityvulns
added 2011/05/03 12:0 a.m.60 views

XSS in GOT.MY CLASSMATES

Product: CLASSMATES Vendor: http://www.got.my http://www.got.my/CLASSMATES/ Vulnerable Version: 1.1.1 Vulnerability Type: XSS Cross Site Scripting Risk level: Medium Credit: Hector.x90 Vulnerability Details: User can execute arbitrary JavaScript code within the vulnerable application. The...

0.4AI score
Exploits0
Rows per page
Query Builder