Lucene search
K

6 matches found

Patchstack
Patchstack
added 2025/05/16 1:9 p.m.4 views

WordPress Seven Stars theme <= 1.4.4 - Cross Site Request Forgery (CSRF) Vulnerability

Cross Site Request Forgery CSRF Vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Seven Stars versions = 1.4.4...

4.3CVSS6.9AI score0.00174EPSS
Exploits0Affected Software1
vulnersOsv
vulnersOsv
added 2025/04/20 9:30 p.m.7 views

@quasar/quasar-app-extension-qmarkdown (>=1.0.0 <=1.4.4), @sourcedigital/jsonforms-vue2-quasar-v1 (>=0.1.3 <=0.1.5) +8 more potentially affected by CVE-2025-43954 via @quasar/quasar-ui-qmarkdown (=1.4.4)

@quasar/quasar-ui-qmarkdown NPM version =1.4.4 is affected by a known vulnerability. The following packages have a transitive dependency on @quasar/quasar-ui-qmarkdown and may be impacted: - @quasar/quasar-app-extension-qmarkdown =1.0.0, =0.1.3, =0.0.1, =0.10.7, =0.0.1, =0.0.3, =0.0.1, =0.10.2,...

6.1CVSS5.8AI score0.00173EPSS
Exploits0
Patchstack
Patchstack
added 2024/11/12 12:0 a.m.11 views

WordPress Slickstream Plugin <= 1.4.4 is vulnerable to Cross Site Scripting (XSS)

Software Slickstream Type Plugin Vulnerable versions = 1.4.4 Fixed in 2.0.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-10179 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 483fb63a8894 Credits Peter Thaleikis Required...

6.4CVSS5.7AI score0.00317EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2023/10/18 12:0 a.m.12 views

WordPress Open Graph Metabox Plugin <= 1.4.4 is vulnerable to Cross Site Request Forgery (CSRF)

Software Open Graph Metabox Type Plugin Vulnerable versions = 1.4.4 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-46191 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 7aa3a95b4491 Credits LEE SE HYOUNG...

8.8CVSS6.5AI score0.00277EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2023/03/03 12:0 a.m.11 views

WordPress WooVIP – Membership plugin for WordPress and WooCommerce Plugin <= 1.4.4 is vulnerable to Server Side Request Forgery (SSRF)

Software WooVIP – Membership plugin for WordPress and WooCommerce Type Plugin Vulnerable versions = 1.4.4 Fixed in N/A OWASP Top 10 A1: Injection Classification Server Side Request Forgery SSRF CVE CVE-2022-40700 Patch priority Low CVSS severity Low 8.2 Developer Claim ownership PSID f21710078bd7...

9.8CVSS9.5AI score0.00999EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2020/02/04 8:15 p.m.3 views

UBUNTU-CVE-2020-8124

Insufficient validation and sanitization of user input exists in url-parse npm package version 1.4.4 and earlier may allow attacker to bypass security checks...

5.3CVSS6.8AI score0.01652EPSS
Exploits1References5
Rows per page
Query Builder