Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

5210 matches found

OSV
OSVadded 2022/03/01 2:15 a.m.11 views

CVE-2022-25020

A cross-site scripting XSS vulnerability in Pluxml v5.8.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the thumbnail path of a blog post...

5.4CVSS5.6AI score0.00997EPSS
Exploits2References4
Prion
Prionadded 2022/03/01 2:15 a.m.15 views

Cross site scripting

A cross-site scripting XSS vulnerability in Pluxml v5.8.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the thumbnail path of a blog post...

3.5CVSS5.3AI score0.00997EPSS
Exploits2References4Affected Software1
UbuntuCve
UbuntuCveadded 2022/03/01 2:15 a.m.25 views

CVE-2022-25020

A cross-site scripting XSS vulnerability in Pluxml v5.8.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the thumbnail path of a blog post...

5.4CVSS6.2AI score0.00997EPSS
Exploits1References5
Cvelist
Cvelistadded 2022/03/01 1:27 a.m.14 views

CVE-2022-25022

A cross-site scripting XSS vulnerability in Htmly v2.8.1 allows attackers to excute arbitrary web scripts HTML via a crafted payload in the content field of a blog post...

5.3AI score0.00688EPSS
Exploits1References5
Cvelist
Cvelistadded 2022/03/01 1:26 a.m.16 views

CVE-2022-25020

A cross-site scripting XSS vulnerability in Pluxml v5.8.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the thumbnail path of a blog post...

5.4AI score0.00997EPSS
Exploits1References4
Debian CVE
Debian CVEadded 2022/03/01 1:26 a.m.65 views

CVE-2022-25020

Removed by vendor...

5.4CVSS5.5AI score0.00997EPSS
Exploits1
CNVD
CNVDadded 2022/03/01 12:0 a.m.16 views

WordPress Photoswipe Masonry Gallery plugin跨站脚本漏洞

WordPress is the Wordpress Foundation's suite of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers. WordPress Photoswipe Masonry Gallery plugin has a cross-site scripting vulnerability, which can be exploited by...

6.4CVSS2.2AI score0.00182EPSS
Exploits3References1
CNVD
CNVDadded 2022/02/28 12:0 a.m.15 views

WordPress WP Statistics plugin cross-site scripting vulnerability (CNVD-2022-46465)

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language. WordPress plugin is a WordPress open source application plugin. WordPress WP Statistics plugin 13.1.5 and earlier versions have a cross-site scripting vulnerability that can be exploited by attacker...

7.2CVSS2.1AI score0.07878EPSS
Exploits1References1
NVD
NVDadded 2022/02/25 7:15 p.m.12 views

CVE-2021-37504

A cross-site scripting XSS vulnerability in the fileNameStr parameter of jQuery-Upload-File v4.0.11 allows attackers to execute arbitrary web scripts or HTML via a crafted file with a Javascript payload in the file name...

6.1CVSS0.00717EPSS
Exploits0References7
OSV
OSVadded 2022/02/25 7:15 p.m.10 views

CVE-2021-42244

A cross-site scripting XSS vulnerability in PaquitoSoftware Notimoo v1.2 allows attackers to execute arbitrary web scripts or HTML via a crafted title or message in a notification...

6.1CVSS5.7AI score
Exploits0References1
Prion
Prionadded 2022/02/25 7:15 p.m.12 views

Cross site scripting

A cross-site scripting XSS vulnerability in PaquitoSoftware Notimoo v1.2 allows attackers to execute arbitrary web scripts or HTML via a crafted title or message in a notification...

4.3CVSS5.9AI score0.00305EPSS
Exploits1References1Affected Software1
Prion
Prionadded 2022/02/25 7:15 p.m.19 views

Cross site scripting

A cross-site scripting XSS vulnerability in the fileNameStr parameter of jQuery-Upload-File v4.0.11 allows attackers to execute arbitrary web scripts or HTML via a crafted file with a Javascript payload in the file name...

4.3CVSS5.9AI score0.00717EPSS
Exploits0References7Affected Software1
Cvelist
Cvelistadded 2022/02/25 6:15 p.m.9 views

CVE-2021-42244

A cross-site scripting XSS vulnerability in PaquitoSoftware Notimoo v1.2 allows attackers to execute arbitrary web scripts or HTML via a crafted title or message in a notification...

6AI score0.00305EPSS
Exploits1References1
NVD
NVDadded 2022/02/24 7:15 p.m.10 views

CVE-2022-25305

The WP Statistics WordPress plugin is vulnerable to Cross-Site Scripting due to insufficient escaping and sanitization of the IP parameter found in the /includes/class-wp-statistics-ip.php file which allows attackers to inject arbitrary web scripts onto several pages that execute when site...

7.2CVSS0.07878EPSS
Exploits1References3
Prion
Prionadded 2022/02/24 7:15 p.m.20 views

Cross site scripting

The Profile Builder – User Profile & User Registration Forms WordPress plugin is vulnerable to Cross-Site Scripting due to insufficient escaping and sanitization of the siteurl parameter found in the /assets/misc/fallback-page.php file which allows attackers to inject arbitrary web scripts onto a...

4.3CVSS5.9AI score0.0565EPSS
Exploits3References2Affected Software1
Prion
Prionadded 2022/02/24 7:15 p.m.13 views

Cross site scripting

The WP Statistics WordPress plugin is vulnerable to Cross-Site Scripting due to insufficient escaping and sanitization of the browser parameter found in the /includes/class-wp-statistics-visitor.php file which allows attackers to inject arbitrary web scripts onto several pages that execute when...

4.3CVSS6AI score0.01669EPSS
Exploits1References3Affected Software1
Prion
Prionadded 2022/02/24 7:15 p.m.17 views

Cross site scripting

The Essential Addons for Elementor Lite WordPress plugin is vulnerable to Cross-Site Scripting due to insufficient escaping and sanitization of the settings parameter found in the /includes/Traits/Helper.php file which allows attackers to inject arbitrary web scripts onto a pages that executes...

4.3CVSS6AI score0.0021EPSS
Exploits0References2Affected Software1
Prion
Prionadded 2022/02/24 7:15 p.m.13 views

Cross site scripting

The WP Statistics WordPress plugin is vulnerable to Cross-Site Scripting due to insufficient escaping and sanitization of the IP parameter found in the /includes/class-wp-statistics-ip.php file which allows attackers to inject arbitrary web scripts onto several pages that execute when site...

4.3CVSS6AI score0.07878EPSS
Exploits1References3Affected Software1
Prion
Prionadded 2022/02/24 7:15 p.m.15 views

Cross site scripting

The WP Statistics WordPress plugin is vulnerable to Cross-Site Scripting due to insufficient escaping and sanitization of the platform parameter found in the /includes/class-wp-statistics-hits.php file which allows attackers to inject arbitrary web scripts onto several pages that execute when sit...

4.3CVSS6AI score0.01161EPSS
Exploits1References3Affected Software1
Cvelist
Cvelistadded 2022/02/24 6:27 p.m.8 views

CVE-2022-25307 WP Statistics <= 13.1.5 Unauthenticated Stored Cross-Site Scripting via platform

The WP Statistics WordPress plugin is vulnerable to Cross-Site Scripting due to insufficient escaping and sanitization of the platform parameter found in the /includes/class-wp-statistics-hits.php file which allows attackers to inject arbitrary web scripts onto several pages that execute when sit...

7.2CVSS7.2AI score0.01161EPSS
Exploits1References3
Rows per page
Query Builder