Lucene search
K

14 matches found

CVE
CVE
added 2026/05/13 2:22 p.m.14 views

CVE-2020-37225

Powie’s WHOIS Domain Check 0.9.31 has a persistent cross-site scripting (XSS) vulnerability in pwhois_settings.php, exploitable by authenticated attackers via unsanitized input in plugin settings (textarea/input fields). This can execute JavaScript in the admin context and may enable privilege es...

6.4CVSS5.9AI score0.00243EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/05/13 2:22 p.m.6 views

CVE-2020-37225

Powie's WHOIS Domain Check 0.9.31 contains a persistent cross-site scripting vulnerability that allows authenticated attackers to inject arbitrary JavaScript by exploiting unsanitized input fields in plugin settings. Attackers can submit malicious payloads through textarea and input elements in t...

6.4CVSS5.9AI score0.00243EPSS
Exploits0References5Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/13 12:0 a.m.11 views

PT-2026-40626

Powie's WHOIS Domain Check 0.9.31 contains a persistent cross-site scripting vulnerability that allows authenticated attackers to inject arbitrary JavaScript by exploiting unsanitized input fields in plugin settings. Attackers can submit malicious payloads through textarea and input elements in t...

6.4CVSS5.9AI score0.00243EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2017-9725

Malware in sbrugna...

6.1CVSS6.3AI score0.00966EPSS
Exploits2References3
CNVD
CNVD
added 2020/07/17 12:0 a.m.2 views

Wordpress Plugin Powie's WHOIS Domain Check Stored Cross-Site Scripting Vulnerability

WordPress is a set of WordPress Software Foundation's blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. A stored cross-site scripting vulnerability exists in the Wordpress plugin Powie's WHOIS Domain Check. An attacker can exploi...

6AI score
Exploits0References1
WPVulnDB
WPVulnDB
added 2020/07/09 12:0 a.m.12 views

Powie's WHOIS Domain Check < 0.9.33 - Authenticated Stored Cross-Site Scripting

The plugin does not properly sanitise and encode user input when output back in its settings page, leading to authenticated from high privileged users stored Cross-Site Scripting XSS issues...

2AI score
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2020/07/09 12:0 a.m.14 views

WordPress Powie's WHOIS Domain Check plugin <= 0.9.31 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by mqt in WordPress Powie's WHOIS Domain Check plugin versions = 0.9.31. Solution Update the WordPress Powie's WHOIS Domain Check plugin to the latest available version at least 0.9.33...

3.2AI score
Exploits0References2Affected Software1
CNVD
CNVD
added 2019/09/17 12:0 a.m.1 views

WordPress wp-whois-domain plugin cross-site scripting vulnerability

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in version 1.0.0 of the WordPress wp-whois-domain plugin. The...

6.1CVSS6.3AI score0.00966EPSS
Exploits2References1
NVD
NVD
added 2019/09/13 12:15 p.m.18 views

CVE-2017-18612

The wp-whois-domain plugin 1.0.0 for WordPress has XSS via the pages/func-whois.php domain parameter...

6.1CVSS6.1AI score0.00966EPSS
Exploits2References2
Prion
Prion
added 2019/09/13 12:15 p.m.13 views

Design/Logic Flaw

The wp-whois-domain plugin 1.0.0 for WordPress has XSS via the pages/func-whois.php domain parameter...

4.3CVSS6AI score0.00966EPSS
Exploits2References2Affected Software1
CVE
CVE
added 2019/09/13 11:40 a.m.45 views

CVE-2017-18612

The CVE-2017-18612 entry affects WordPress plugin wp-whois-domain version 1.0.0. The issue is an XSS vulnerability in pages/func-whois.php domain parameter, caused by insufficient validation of client-side data. Exploitation is described as unauthenticated in several sources (WPVulndb/Exploits), ...

6.1CVSS6AI score0.00966EPSS
Exploits2References2Affected Software1
Kitploit
Kitploit
added 2018/07/11 10:13 p.m.12 views

Black Owl - Tool To Gather Information, Based On Operative-Framework

This is a simple tool to gather information, based on Operative-Framework. Requirements requests pythonwhois beautifulsoup4 Install requirements $ pip install -r requirements.txt How to use $ git clone https://github.com/qqwaszx/blackowl.git $ python main.py : blackowl help Modules /core/modules/...

7.1AI score
Exploits0References2
Patchstack
Patchstack
added 2016/11/28 12:0 a.m.9 views

WordPress Whois Domain Plugin - Cross Site Scripting

This plugin is prone to a cross site scripting vulnerability. Solution Update the plugin...

1.9AI score
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2016/11/28 12:0 a.m.14 views

WP Whois Domain <= 1.0.0 - Unauthenticated Cross-Site Scripting (XSS)

The plugin is still affected and has been closed. PoC...

4.3CVSS1.7AI score0.00966EPSS
Exploits2References1Affected Software1
Rows per page
Query Builder