Lucene search
K

4 matches found

Patchstack
Patchstack
added 2025/08/21 3:33 a.m.4 views

WordPress Better Post & Filter Widgets for Elementor plugin <= 1.6.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Abu Hurayra Patchstack Alliance in WordPress Plugin Better Post & Filter Widgets for Elementor versions = 1.6.1...

6.5CVSS5.9AI score0.00196EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/01/17 12:0 a.m.10 views

WordPress Burst Statistics Plugin <= 1.5.3 is vulnerable to SQL Injection

Software Burst Statistics Type Plugin Vulnerable versions = 1.5.3 Fixed in 1.5.4 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2024-0405 Patch priority Low CVSS severity Low 7.6 Developer Claim ownership PSID 5b21f7530708 Credits Ivan Spiridonov xbz0n Required privilege Editor...

7.2CVSS6.8AI score0.00622EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2018/03/22 5:29 a.m.2 views

CVE-2018-8899

IdentityServer IdentityServer4 1.x before 1.5.3 and 2.x before 2.1.3 does not encode the redirect URI on the authorization response page, which might lead to XSS in some configurations...

6.1CVSS5.4AI score0.01258EPSS
Exploits0References5
Typo3
Typo3
added 2010/09/22 12:0 a.m.22 views

TYPO3 Security Bulletin

It has been discovered that the extension powermail powermail is vulnerable to Cross-Site Scripting, SQL Injection and Validation Bypass Component Type: Third party extension. This extension is not a part of the TYPO3 default installation. Affected Versions: Version 1.5.3 and below Vulnerability...

7.1AI score
Exploits0Affected Software1
Rows per page
Query Builder