Lucene search
K

4 matches found

NVD
NVD
added 2025/09/18 6:15 a.m.6 views

CVE-2025-8942

The WP Hotel Booking WordPress plugin before 2.2.3 lacks proper server-side validation for review ratings, allowing an attacker to manipulate the rating value e.g., sending negative or out-of-range values by intercepting and modifying requests...

9.1CVSS0.00276EPSS
Exploits0References1
OSV
OSV
added 2024/05/17 9:15 a.m.4 views

CVE-2023-47868

Improper Privilege Management vulnerability in wpForo wpForo Forum allows Privilege Escalation.This issue affects wpForo Forum: from n/a through 2.2.3...

9.8CVSS5.8AI score0.00475EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/02/09 12:0 a.m.14 views

WordPress Honeypot for WP Comment Plugin <= 2.2.3 is vulnerable to Cross Site Scripting (XSS)

Software Honeypot for WP Comment Type Plugin Vulnerable versions = 2.2.3 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-24933 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 01642edd0b7b Credits Dimas Maulana Required...

7.1CVSS6.5AI score0.00331EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2023/02/14 8:15 p.m.3 views

UBUNTU-CVE-2023-23934

Werkzeug is a comprehensive WSGI web application library. Browsers may allow "nameless" cookies that look like =value instead of key=value. A vulnerable browser may allow a compromised application on an adjacent subdomain to exploit this to set a cookie like =Host-test=bad for another subdomain...

3.5CVSS6.9AI score0.00507EPSS
Exploits0References7
Rows per page
Query Builder