Lucene search
K

287 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 5:11 a.m.8 views

CVE-2023-32294

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Radical Web Design GDPR Cookie Consent Notice Box plugin = 1.1.6 versions...

5.9CVSS5.6AI score0.00439EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:52 a.m.9 views

CVE-2023-33322

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Etoile Web Design Front End Users allows Reflected XSS.This issue affects Front End Users: from n/a before 3.2.25...

7.1CVSS8.6AI score0.00379EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:24 a.m.8 views

CVE-2023-34005

Cross-Site Request Forgery CSRF vulnerability in Etoile Web Design Front End Users plugin = 3.2.24 versions...

8.8CVSS7.1AI score0.00263EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/21 7:52 p.m.5 views

CVE-2009-3822

PHP remote file inclusion vulnerability in Fiji Web Design Ajax Chat comajaxchat component 1.0 for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALSmosConfigabsolutepath parameter to tests/ajcuser.php...

7.5CVSS8AI score0.02355EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/02/05 1:0 p.m.11 views

CVE-2024-25597

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Etoile Web Design Ultimate Reviews allows Stored XSS.This issue affects Ultimate Reviews: from n/a through 3.2.8...

7.1CVSS8.6AI score0.00375EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 4:11 a.m.10 views

CVE-2024-54288

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LDD Web Design LDD Directory Lite ldd-directory-lite allows Reflected XSS.This issue affects LDD Directory Lite: from n/a through = 3.3...

7.1CVSS7.2AI score0.00418EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 12:22 a.m.7 views

CVE-2024-31084

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Pulsar Web Design Weekly Class Schedule allows Reflected XSS.This issue affects Weekly Class Schedule: from n/a through 3.19...

7.1CVSS8.6AI score0.00354EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/04 10:20 p.m.6 views

CVE-2024-53729

Cross-Site Request Forgery CSRF vulnerability in plumwd Blizzard Quotes blizzard-quotes allows Stored XSS.This issue affects Blizzard Quotes: from n/a through = 1.3...

7.1CVSS7.2AI score0.00152EPSS
Exploits0References1
NVD
NVD
added 2024/12/13 3:15 p.m.8 views

CVE-2024-54288

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LDD Web Design LDD Directory Lite ldd-directory-lite allows Reflected XSS.This issue affects LDD Directory Lite: from n/a through = 3.3...

7.1CVSS0.00418EPSS
Exploits0References1
NVD
NVD
added 2024/12/02 2:15 p.m.17 views

CVE-2024-53729

Cross-Site Request Forgery CSRF vulnerability in plumwd Blizzard Quotes blizzard-quotes allows Stored XSS.This issue affects Blizzard Quotes: from n/a through = 1.3...

7.1CVSS0.00152EPSS
Exploits0References1
CVE
CVE
added 2024/12/02 1:48 p.m.52 views

CVE-2024-53729

CVE-2024-53729 describes a CSRF-to-Stored-XSS issue in the WordPress plugin Blizzard Quotes , affecting versions up to 1.3 (n/a through 1.3). The connected sources corroborate the naming and vulnerability type but do not provide concrete exploitation steps, affected product/version ranges beyond ...

7.1CVSS7.2AI score0.00152EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/12/02 12:0 a.m.10 views

PT-2024-35837 · Unknown · Plumeria Web Design Blizzard Quotes

Name of the Vulnerable Software and Affected Versions: Plumeria Web Design Blizzard Quotes versions n/a through 1.3 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability that allows Stored XSS. This means an attacker can perform unauthorized actions on the website. The estimat...

7.1CVSS9.1AI score0.00152EPSS
Exploits0References4
NVD
NVD
added 2024/11/01 3:15 p.m.15 views

CVE-2024-43343

Missing Authorization vulnerability in Etoile Web Design Order Tracking allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Order Tracking: from n/a through 3.3.12...

8.8CVSS0.00454EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/11/01 2:17 p.m.13 views

CVE-2024-43343 WordPress Order Tracking – WordPress Status Tracking Plugin plugin < 3.3.13 - Broken Access Control vulnerability

Missing Authorization vulnerability in Etoile Web Design Order Tracking allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Order Tracking: from n/a through 3.3.12...

4.3CVSS6.9AI score0.00454EPSS
Exploits0References1
CVE
CVE
added 2024/11/01 2:17 p.m.62 views

CVE-2024-43343

CVE-2024-43343 affects the WordPress Order Tracking (Order Tracking – WordPress Status Tracking Plugin) up to version 3.3.12, with Missing Authorization due to ACL enforcement gaps enabling unauthorized access to certain functions. Root cause: lack of proper authorization checks in Order Tracking...

8.8CVSS5.7AI score0.00454EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2024/11/01 12:0 a.m.6 views

PT-2024-30510 · Unknown · Etoile Web Design Order Tracking

Name of the Vulnerable Software and Affected Versions: Etoile Web Design Order Tracking versions n/a through 3.3.12 Description: The issue is related to a Missing Authorization vulnerability, which allows accessing functionality not properly constrained by ACLs. Recommendations: For versions n/a...

8.8CVSS6.5AI score0.00454EPSS
Exploits0References4
NVD
NVD
added 2024/10/29 2:15 p.m.31 views

CVE-2024-49632

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Senthil Vel CWD 3D Image Gallery cwd-3d-image-gallery allows Reflection Injection.This issue affects CWD 3D Image Gallery: from n/a through = 1.0...

7.1CVSS0.00281EPSS
Exploits0References1
OSV
OSV
added 2024/10/29 2:15 p.m.6 views

CVE-2024-49632

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Coral Web Design CWD 3D Image Gallery allows Reflected XSS.This issue affects CWD 3D Image Gallery: from n/a through 1.0...

6.1CVSS5.8AI score0.00281EPSS
Exploits0References1
CVE
CVE
added 2024/10/29 1:9 p.m.56 views

CVE-2024-49632

CVE-2024-49632 affects the WordPress plugin CWD 3D Image Gallery (versions

7.1CVSS5.9AI score0.00281EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/10/29 1:9 p.m.31 views

CVE-2024-49632 WordPress CWD 3D Image Gallery plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Senthil Vel CWD 3D Image Gallery cwd-3d-image-gallery allows Reflection Injection.This issue affects CWD 3D Image Gallery: from n/a through = 1.0...

7.1CVSS0.00281EPSS
Exploits0References1
Rows per page
Query Builder