Lucene search
K

11 matches found

Patchstack
Patchstack
added 2024/11/15 12:0 a.m.13 views

WordPress Steel Plugin <= 1.3.0 is vulnerable to Cross Site Scripting (XSS)

Software Steel Type Plugin Vulnerable versions = 1.3.0 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-10147 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 1c80ca24b74c Credits Francesco Carlucci Required privile...

6.4CVSS6AI score0.00332EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/11/08 12:0 a.m.6 views

WordPress Mobile Kiosk Plugin <= 1.3.0 is vulnerable to Cross Site Scripting (XSS)

Software Mobile Kiosk Type Plugin Vulnerable versions = 1.3.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-51829 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 7924bf5d9424 Credits SOPROBRO Required privilege Contributor...

6.5CVSS6.5AI score0.00374EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/11/01 12:0 a.m.10 views

WordPress HT Builder – WordPress Theme Builder for Elementor Plugin <= 1.3.0 is vulnerable to Cross Site Scripting (XSS)

Software HT Builder – WordPress Theme Builder for Elementor Type Plugin Vulnerable versions = 1.3.0 Fixed in 1.3.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-51682 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 0f85ba0467c8 Credits Gab...

6.5CVSS6.7AI score0.00233EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/05/17 12:0 a.m.15 views

WordPress Penci Soledad Data Migrator Plugin <= 1.3.0 is vulnerable to Local File Inclusion

Software Penci Soledad Data Migrator Type Plugin Vulnerable versions = 1.3.0 Fixed in 1.3.1 OWASP Top 10 A1: Injection Classification Local File Inclusion CVE CVE-2024-3551 Patch priority High CVSS severity High 9 Developer Claim ownership PSID 00732af89875 Credits M.Awad Required privilege...

9.8CVSS6.8AI score0.00689EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/03/28 12:0 a.m.11 views

WordPress Custom WooCommerce Checkout Fields Editor Plugin <= 1.3.0 is vulnerable to Cross Site Request Forgery (CSRF)

Software Custom WooCommerce Checkout Fields Editor Type Plugin Vulnerable versions = 1.3.0 Fixed in 1.3.1 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-30518 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 1753adeaf82a...

4.3CVSS6.6AI score0.00212EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2024/03/21 4:15 a.m.4 views

CVE-2023-48903

Stored Cross-Site Scripting XSS vulnerability in tramyardg autoexpress 1.3.0, allows remote unauthenticated attackers to inject arbitrary web script or HTML within parameter "imgType" via in uploadCarImages.php...

6.1CVSS6.5AI score0.00571EPSS
Exploits3References2
Positive Technologies
Positive Technologies
added 2024/01/10 12:0 a.m.2 views

PT-2024-10075 · Typogrify · Typogrify

Name of the Vulnerable Software and Affected Versions: Typogrify versions 0.0.0 through 1.3.0 Description: The issue is related to improper neutralization of input during web page generation, which allows for Cross-Site Scripting XSS. This can be exploited by a remote attacker to conduct an XSS...

5.5CVSS6AI score0.00215EPSS
Exploits0References4
Patchstack
Patchstack
added 2023/12/29 12:0 a.m.18 views

WordPress ARI Stream Quiz Plugin <= 1.3.0 is vulnerable to PHP Object Injection

Software ARI Stream Quiz Type Plugin Vulnerable versions = 1.3.0 Fixed in 1.3.1 OWASP Top 10 A3: Injection Classification PHP Object Injection CVE CVE-2023-52182 Patch priority High CVSS severity High 9.9 Developer Claim ownership PSID c9a4f35de1f1 Credits Rafie Muhammad Patchstack Required...

9.9CVSS6.8AI score0.00627EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/05/22 12:0 a.m.15 views

WordPress Contact Form Entries Plugin <= 1.3.0 is vulnerable to Cross Site Scripting (XSS)

Software Contact Form Entries Type Plugin Vulnerable versions = 1.3.0 Fixed in 1.3.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-33311 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID eead2c1f0998 Credits Rafie Muhammad...

6.5CVSS5.7AI score0.00397EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/04/12 12:0 a.m.13 views

WordPress Video Central Plugin <= 1.3.0 is vulnerable to Cross Site Scripting (XSS)

Software Video Central Type Plugin Vulnerable versions = 1.3.0 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-0418 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 6114cbd9fcb5 Credits Lana Codes Required...

5.4CVSS5.6AI score0.00444EPSS
Exploits2References3Affected Software1
CNVD
CNVD
added 2018/03/20 12:0 a.m.5 views

Grav CMS system/src/Grav/Common/Twig/Twig.php file cross-site scripting vulnerability

Grav CMS is a scalable CMS Content Management System for personal blogs, small content publishing platforms and one-page product presentations. A cross-site scripting vulnerability exists in the system/src/Grav/Common/Twig/Twig.php file in Grav CMS version 1.3.0. A remote attacker can inject...

6.1CVSS6AI score0.03401EPSS
Exploits3References1
Rows per page
Query Builder