Lucene search
K

2019 matches found

OSV
OSV
added 2024/10/07 9:22 p.m.12 views

CVE-2024-47817 Unvalidated paragraph widget values can be used for Cross-site Scripting in lara-zeus

Lara-zeus Dynamic Dashboard simple way to manage widgets for your website landing page, and filament dashboard and Lara-zeus artemis is a collection of themes for the lara-zeus ecosystem. If values passed to a paragraph widget are not valid and contain a specific set of characters, applications a...

5.3CVSS6AI score0.00363EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2024/10/06 12:46 p.m.9 views

CVE-2024-44022 WordPress Review & testimonial widgets plugin <= 1.0.5 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Trustmary Review & testimonial widgets trustmary allows Stored XSS.This issue affects Review & testimonial widgets: from n/a through = 1.0.5...

6.5CVSS5.2AI score0.00251EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/10/06 12:0 a.m.2 views

PT-2024-30888 · Trustmary · Trustmary Review & Testimonial Widgets

Name of the Vulnerable Software and Affected Versions: Trustmary Review & testimonial widgets versions 1.0.0 through 1.0.5 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Stored XSS in...

6.5CVSS5.8AI score0.00251EPSS
Exploits0References5
NVD
NVD
added 2024/10/05 1:15 p.m.18 views

CVE-2024-47643

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Alex Include Fussball.de Widgets include-fussball-de-widgets allows Stored XSS.This issue affects Include Fussball.de Widgets: from n/a through = 4.0.0...

6.5CVSS0.00231EPSS
Exploits0References1
CVE
CVE
added 2024/10/05 12:56 p.m.46 views

CVE-2024-47643

CVE-2024-47643 affects WordPress plugin Include Fussball.de Widgets

6.5CVSS5.9AI score0.00231EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/10/05 12:56 p.m.13 views

CVE-2024-47643 WordPress Include Fussball.de Widgets plugin <= 4.0.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Alex Include Fussball.de Widgets include-fussball-de-widgets allows Stored XSS.This issue affects Include Fussball.de Widgets: from n/a through = 4.0.0...

6.5CVSS5.2AI score0.00231EPSS
Exploits0References1
NVD
NVD
added 2024/10/05 8:15 a.m.27 views

CVE-2024-8486

The Shortcodes and extra features for Phlox theme plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘url’ parameter in the Modern Heading and Icon Picker widgets all versions up to, and including, 2.16.3 due to insufficient input sanitization and output escaping. This make...

6.4CVSS0.00354EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2024/10/05 7:39 a.m.19 views

CVE-2024-8486 Shortcodes and extra features for Phlox theme <= 2.16.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Modern Heading and Icon Picker Widgets

The Shortcodes and extra features for Phlox theme plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘url’ parameter in the Modern Heading and Icon Picker widgets all versions up to, and including, 2.16.3 due to insufficient input sanitization and output escaping. This make...

6.4CVSS5.8AI score0.00354EPSS
Exploits0References5
CNNVD
CNNVD
added 2024/10/05 12:0 a.m.7 views

WordPress plugin Include Fussball.De Widgets 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...

6.5CVSS6.2AI score0.00231EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/10/05 12:0 a.m.4 views

PT-2024-32701 · Unknown · Fussball.De Widgets

Name of the Vulnerable Software and Affected Versions: Include Fussball.De Widgets versions through 4.0.0 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Stored XSS, where an attacker can...

6.5CVSS6.3AI score0.00231EPSS
Exploits0References5
Patchstack
Patchstack
added 2024/09/30 12:29 p.m.5 views

WordPress Include Fussball.de Widgets plugin <= 4.0.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by stealthcopter Patchstack Alliance in WordPress Plugin Include Fussball.de Widgets versions = 4.0.0...

6.5CVSS6.1AI score0.00231EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/09/30 12:0 a.m.9 views

WordPress Include Fussball.de Widgets Plugin <= 4.0.0 is vulnerable to Cross Site Scripting (XSS)

Software Include Fussball.de Widgets Type Plugin Vulnerable versions = 4.0.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-47643 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID e228304d4067 Credits stealthcopter Required...

6.5CVSS6.5AI score0.00231EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/09/25 10:45 a.m.3 views

WordPress Classic Editor and Classic Widgets plugin <= 1.4.1 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Hakiduck Patchstack Alliance in WordPress Plugin Classic Editor and Classic Widgets versions = 1.4.1...

8.5CVSS8.1AI score0.00407EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/09/25 12:0 a.m.18 views

WordPress Classic Editor and Classic Widgets Plugin <= 1.4.1 is vulnerable to SQL Injection

Software Classic Editor and Classic Widgets Type Plugin Vulnerable versions = 1.4.1 Fixed in 1.4.2 OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2024-47312 Patch priority High CVSS severity High 8.5 Developer Claim ownership PSID bea053e6b42c Credits Hakiduck Required privilege...

8.5CVSS6.8AI score0.00407EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/09/24 10:2 a.m.1 views

WordPress Review & testimonial widgets plugin <= 1.0.5 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by theviper17 Patchstack Alliance in WordPress Plugin Review & testimonial widgets versions = 1.0.5...

6.5CVSS6.1AI score0.00251EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/09/24 12:0 a.m.8 views

WordPress Review & testimonial widgets Plugin <= 1.0.5 is vulnerable to Cross Site Scripting (XSS)

Software Review & testimonial widgets Type Plugin Vulnerable versions = 1.0.5 Fixed in 1.0.10 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-44022 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID b905151529cd Credits theviper17 Required...

6.5CVSS6.8AI score0.00251EPSS
Exploits0References2Affected Software1
Fedora
Fedora
added 2024/09/22 2:21 a.m.23 views

[SECURITY] Fedora 40 Update: python-notebook-7.2.2-1.fc40

The Jupyter Notebook is a web application that allows you to create and share documents that contain live code, equations, visualizations, and explanatory text. The Notebook has support for multiple programming languages, sharing, and interactive widgets...

7.6CVSS7.6AI score0.00373EPSS
Exploits0
NVD
NVD
added 2024/09/07 5:15 p.m.19 views

CVE-2024-42020

A Cross-site-scripting XSS vulnerability exists in the Reporter Widgets that allows HTML injection...

7.3CVSS0.00384EPSS
Exploits0References1
OSV
OSV
added 2024/09/07 5:15 p.m.3 views

CVE-2024-42020

A Cross-site-scripting XSS vulnerability exists in the Reporter Widgets that allows HTML injection...

5.4CVSS5.8AI score0.00384EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/09/07 4:11 p.m.22 views

CVE-2024-42020

A Cross-site-scripting XSS vulnerability exists in the Reporter Widgets that allows HTML injection...

7.3CVSS6.5AI score0.00384EPSS
Exploits0References1
Rows per page
Query Builder