Lucene search
K

5 matches found

Positive Technologies
Positive Technologies
added 2026/01/14 12:0 a.m.11 views

PT-2026-2841

The WP Allowed Hosts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'allowed-hosts' parameter in all versions up to, and including, 1.0.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

4.4CVSS5AI score0.002EPSS
Exploits0References4
OSV
OSV
added 2025/01/23 10:15 a.m.5 views

CVE-2024-13511

The Variation Swatches for WooCommerce plugin, in all versions starting at 1.0.8 up until 1.3.2, contains a vulnerability due to improper nonce verification in its settings reset functionality. The issue exists in the settingsinit function, which processes a reset action based on specific query...

4.3CVSS5.8AI score0.00184EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/01/07 12:0 a.m.4 views

PT-2025-4562 · Unknown · Icons Enricher

Name of the Vulnerable Software and Affected Versions: Icons Enricher versions 1.0.8 and earlier Description: The issue is related to improper neutralization of input during web page generation, which allows for stored Cross-site Scripting XSS. This enables attackers to inject malicious scripts...

6.5CVSS6.3AI score0.00267EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/06/03 12:0 a.m.5 views

PT-2024-14124 · Unknown · Universal Passport Rx

Name of the Vulnerable Software and Affected Versions: UNIVERSAL PASSPORT RX versions 1.0.0 through 1.0.8 Description: A cross-site scripting issue exists, which may allow a remote authenticated attacker with administrative privileges to execute an arbitrary script on the user's web browser...

5.9CVSS6.6AI score0.00247EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/01/31 12:0 a.m.6 views

PT-2024-16793 · Openbi · Openbi

Name of the Vulnerable Software and Affected Versions: openBI versions up to 1.0.8 Description: A critical issue has been found, affecting the function index of the file /application/plugins/controller/Upload.php. This leads to unrestricted upload and can be exploited remotely. The issue has been...

9.8CVSS7.5AI score0.00769EPSS
Exploits0References9
Rows per page
Query Builder