Lucene search
+L

287 matches found

NVD
NVD
added 2024/04/15 10:15 a.m.20 views

CVE-2024-31921

Cross-Site Request Forgery CSRF vulnerability in Etoile Web Design Ultimate Product Catalogue.This issue affects Ultimate Product Catalogue: from n/a through 5.2.15...

4.3CVSS4.6AI score0.002EPSS
Exploits0References1
CVE
CVE
added 2024/04/15 9:27 a.m.54 views

CVE-2024-31921

Technical details (affected product version specifics, root cause, exploit info, and remediation) for CVE-2024-31921 are not provided in the connected documents; no patch/version info is present. Monitor vendor advisories for updates.

4.3CVSS5.1AI score0.002EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/04/15 9:27 a.m.39 views

CVE-2024-31921 WordPress Ultimate Product Catalog plugin <= 5.2.15 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Etoile Web Design Ultimate Product Catalogue.This issue affects Ultimate Product Catalogue: from n/a through 5.2.15...

4.3CVSS4.9AI score0.002EPSS
Exploits0References1
NVD
NVD
added 2024/03/31 8:15 p.m.16 views

CVE-2024-31084

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Pulsar Web Design Weekly Class Schedule allows Reflected XSS.This issue affects Weekly Class Schedule: from n/a through 3.19...

7.1CVSS6.9AI score0.00354EPSS
Exploits0References1
CVE
CVE
added 2024/03/31 7:35 p.m.64 views

CVE-2024-31084

CVE-2024-31084 is a Reflected XSS in Pulsar Web Design Weekly Class Schedule (WordPress plugin) affecting versions up to 3.19. The description notes improper input neutralization during web page generation. The connected Red Hat entry and other sources corroborate the vulnerability as Cross‑Site ...

7.1CVSS8.6AI score0.00354EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/03/31 7:35 p.m.12 views

CVE-2024-31084 WordPress Weekly Class Schedule plugin <= 3.19 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Pulsar Web Design Weekly Class Schedule allows Reflected XSS.This issue affects Weekly Class Schedule: from n/a through 3.19...

7.1CVSS6.9AI score0.00354EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/03/31 12:0 a.m.10 views

PT-2024-23752 · Unknown · Pulsar Web Design Weekly Class Schedule

Name of the Vulnerable Software and Affected Versions: Pulsar Web Design Weekly Class Schedule versions through 3.19 Description: The issue is related to improper neutralization of input during web page generation, which leads to a Cross-site Scripting XSS vulnerability. This allows for Reflected...

7.1CVSS8.4AI score0.00354EPSS
Exploits0References2
OSV
OSV
added 2024/03/26 9:15 a.m.5 views

CVE-2023-33322

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Etoile Web Design Front End Users allows Reflected XSS.This issue affects Front End Users: from n/a before 3.2.25...

6.1CVSS7.3AI score0.00379EPSS
Exploits0References1
NVD
NVD
added 2024/03/26 9:15 a.m.20 views

CVE-2023-33322

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Etoile Web Design Front End Users allows Reflected XSS.This issue affects Front End Users: from n/a before 3.2.25...

7.1CVSS6.9AI score0.00379EPSS
Exploits0References1
CVE
CVE
added 2024/03/26 8:48 a.m.50 views

CVE-2023-33322

CVE-2023-33322 affects WordPress plugin Front End Users (front-end-only users). The issue is an improper neutralization of input during web page generation, leading to Reflected XSS. Affected versions are before 3.2.25; patch to 3.2.25 fixes the vulnerability. Users should update to the fixed ver...

7.1CVSS8.6AI score0.00379EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/03/26 8:48 a.m.24 views

CVE-2023-33322 WordPress Front End Users plugin < 3.2.25 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Etoile Web Design Front End Users allows Reflected XSS.This issue affects Front End Users: from n/a before 3.2.25...

7.1CVSS7.1AI score0.00379EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/03/26 12:0 a.m.11 views

PT-2024-12427 · Unknown · Etoile Web Design Front End Users

Name of the Vulnerable Software and Affected Versions: Etoile Web Design Front End Users versions prior to 3.2.25 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Reflected XSS. This means that an...

7.1CVSS9.4AI score0.00379EPSS
Exploits0References6
OSV
OSV
added 2024/03/15 2:15 p.m.8 views

CVE-2024-25597

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Etoile Web Design Ultimate Reviews allows Stored XSS.This issue affects Ultimate Reviews: from n/a through 3.2.8...

6.1CVSS5.8AI score0.00375EPSS
Exploits0References1
NVD
NVD
added 2024/03/15 2:15 p.m.22 views

CVE-2024-25597

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Etoile Web Design Ultimate Reviews allows Stored XSS.This issue affects Ultimate Reviews: from n/a through 3.2.8...

7.1CVSS6.9AI score0.00375EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/03/15 2:1 p.m.34 views

CVE-2024-25597 WordPress Ultimate Reviews plugin <= 3.2.8 - Unauthenticated Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Etoile Web Design Ultimate Reviews allows Stored XSS.This issue affects Ultimate Reviews: from n/a through 3.2.8...

7.1CVSS7AI score0.00375EPSS
Exploits0References1
CVE
CVE
added 2024/03/15 2:1 p.m.69 views

CVE-2024-25597

CVE-2024-25597 affects WordPress plugin Ultimate Reviews (Etoile Web Design) up to version 3.2.8. The issue is unauthorized, stored XSS triggered via the reviews feature due to improper input handling during page generation. The vulnerability is addressed in version 3.2.9 (patched). No exploitati...

7.1CVSS8.6AI score0.00375EPSS
Exploits0References1Affected Software1
Openbugbounty
Openbugbounty
added 2024/03/13 5:29 a.m.7 views

df543ghfdzr.webdesign-inspiration.com Cross Site Scripting vulnerability OBB-3870264

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
Openbugbounty
Openbugbounty
added 2024/03/10 10:27 a.m.10 views

best-web-design-tools.com Cross Site Scripting vulnerability OBB-3868752

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
Fedora
Fedora
added 2024/03/07 10:33 p.m.27 views

[SECURITY] Fedora 40 Update: velocity-2.3-5.fc40

Velocity is a Java-based template engine. It permits anyone to use the simple yet powerful template language to reference objects defined in Java code. When Velocity is used for web development, Web designers can work in parallel with Java programmers to develop web sites according to the...

8.8CVSS7.2AI score0.02578EPSS
Exploits3
NVD
NVD
added 2023/10/04 11:15 a.m.23 views

CVE-2023-25980

Cross-Site Request Forgery CSRF vulnerability in CAGE Web Design | Rolf van Gelder Optimize Database after Deleting Revisions plugin = 5.1 versions...

8.8CVSS5.8AI score0.00214EPSS
Exploits0References1
Rows per page
Query Builder