Lucene search
K

2019 matches found

Positive Technologies
Positive Technologies
added 2025/02/14 12:0 a.m.4 views

PT-2025-7014 · Unknown · Notfound Coronavirus (Covid-19) Outbreak Data Widgets

Name of the Vulnerable Software and Affected Versions: NotFound Coronavirus COVID-19 Outbreak Data Widgets versions 1.1.1 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, allowing Reflected XSS. This...

7.1CVSS9AI score0.00231EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/02/09 10:21 a.m.7 views

CVE-2025-25095

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in reverbnationdev ReverbNation Widgets reverbnation-widgets allows Stored XSS.This issue affects ReverbNation Widgets: from n/a through = 2.1...

6.5CVSS7.2AI score0.00259EPSS
Exploits0References1
NVD
NVD
added 2025/02/07 10:15 a.m.8 views

CVE-2025-25095

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in reverbnationdev ReverbNation Widgets reverbnation-widgets allows Stored XSS.This issue affects ReverbNation Widgets: from n/a through = 2.1...

6.5CVSS0.00259EPSS
Exploits0References1
CVE
CVE
added 2025/02/07 10:11 a.m.51 views

CVE-2025-25095

CVE-2025-25095 concerns the WordPress plugin ReverbNation Widgets. The available connected documentation confirms an XSS risk (Stored XSS) caused by improper neutralization of input during web page generation. Affected software is ReverbNation Widgets up to version 2.1 (versions n/a–2.1 noted in ...

6.5CVSS7.2AI score0.00259EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/02/07 10:11 a.m.14 views

CVE-2025-25095 WordPress ReverbNation Widgets plugin <= 2.1 - Cross Site Scripting (XSS) vulnerability<

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in reverbnationdev ReverbNation Widgets reverbnation-widgets allows Stored XSS.This issue affects ReverbNation Widgets: from n/a through = 2.1...

6.5CVSS0.00259EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/02/07 10:11 a.m.6 views

CVE-2025-25095 WordPress ReverbNation Widgets plugin <= 2.1 - Cross Site Scripting (XSS) vulnerability<

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in reverbnationdev ReverbNation Widgets allows Stored XSS. This issue affects ReverbNation Widgets: from n/a through 2.1...

6.5CVSS6.7AI score0.00259EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/02/07 12:0 a.m.5 views

PT-2025-5927 · Reverbnation · Reverbnation Widgets

Name of the Vulnerable Software and Affected Versions: ReverbNation Widgets versions n/a through 2.1 Description: The issue is related to improper neutralization of input during web page generation, which leads to a Cross-site Scripting XSS vulnerability, specifically Stored XSS. This allows for...

6.5CVSS8.4AI score0.00259EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/02/07 12:0 a.m.2 views

WordPress plugin ReverbNation Widgets 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

6.5CVSS8.2AI score0.00259EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/02/05 12:59 p.m.9 views

CVE-2024-25926

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in IndiaNIC Widgets Controller allows Reflected XSS.This issue affects Widgets Controller: from n/a through 1.1...

7.1CVSS8.7AI score0.00333EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 12:47 p.m.14 views

CVE-2024-43271

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Themelocation Woo Products Widgets For Elementor allows PHP Local File Inclusion.This issue affects Woo Products Widgets For Elementor: from n/a through 2.0.0...

8.5CVSS6.8AI score0.00552EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/02/05 12:40 p.m.10 views

CVE-2024-43304

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Cool Plugins Cryptocurrency Widgets – Price Ticker & Coins List allows Reflected XSS.This issue affects Cryptocurrency Widgets – Price Ticker & Coins List: from n/a through 2.8.0...

7.1CVSS6.8AI score0.0029EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 8:28 a.m.7 views

CVE-2024-47312

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WP Grim Classic Editor and Classic Widgets classic-editor-and-classic-widgets allows SQL Injection.This issue affects Classic Editor and Classic Widgets: from n/a through = 1.4.1...

8.5CVSS5.9AI score0.00407EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 8:6 a.m.9 views

CVE-2024-29792

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Unlimited Elements Unlimited Elements For Elementor Free Widgets, Addons, Templates unlimited-elements-for-elementor.This issue affects Unlimited Elements For Elementor Free Widgets, Addons,...

7.1CVSS7.2AI score0.0074EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 5:42 a.m.10 views

CVE-2024-49614

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in SermonAudio SermonAudio Widgets sermonaudio-widgets allows SQL Injection.This issue affects SermonAudio Widgets: from n/a through = 1.9.3...

8.8CVSS5.9AI score0.00432EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 2:25 a.m.7 views

CVE-2024-42020

A Cross-site-scripting XSS vulnerability exists in the Reporter Widgets that allows HTML injection...

7.3CVSS6.2AI score0.00384EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 12:52 a.m.17 views

CVE-2024-37090

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in StylemixThemes Masterstudy Elementor Widgets, StylemixThemes Consulting Elementor Widgets.This issue affects Masterstudy Elementor Widgets: from n/a through 1.2.2; Consulting Elementor Widgets: fro...

8.8CVSS7.6AI score0.0053EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/02/05 12:50 a.m.6 views

CVE-2024-37089

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in StylemixThemes Consulting Elementor Widgets allows PHP Local File Inclusion.This issue affects Consulting Elementor Widgets: from n/a through 1.3.0...

9.8CVSS6.9AI score0.00609EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/02/05 12:49 a.m.10 views

CVE-2024-37092

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in StylemixThemes Consulting Elementor Widgets allows PHP Local File Inclusion.This issue affects Consulting Elementor Widgets: from n/a through 1.3.0...

8.8CVSS6.9AI score0.00525EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/02/05 12:38 a.m.18 views

CVE-2024-37091

Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability in StylemixThemes Consulting Elementor Widgets, StylemixThemes Masterstudy Elementor Widgets allows OS Command Injection.This issue affects Consulting Elementor Widgets: from n/a through 1.3.0;...

9.9CVSS6.9AI score0.01243EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/02/04 11:49 p.m.5 views

CVE-2024-22290

Cross-Site Request Forgery CSRF vulnerability in AboZain,O7abeeb,UnitOne Custom Dashboard Widgets allows Cross-Site Scripting XSS.This issue affects Custom Dashboard Widgets: from n/a through 1.3.1...

8.8CVSS8.4AI score0.00194EPSS
Exploits0References1
Rows per page
Query Builder