Lucene search
K

2028 matches found

WPVulnDB
WPVulnDB
added 2017/09/10 12:0 a.m.4 views

Display Widgets 2.6.0-2.6.3.1 - Backdoored

The display-widgets WordPress plugin was affected by a Backdoored security vulnerability...

2.7AI score
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2017/09/10 12:0 a.m.8 views

WordPress Display Widgets plugin 2.6.0-2.6.3.1 - Backdoored (includes hacking tool)

The possible backdoor hacking tool found in WordPress Display Widgets plugin versions 2.6.0-2.6.3.1 by SEO Dave. Solution Deactivate and remove the WordPress Display Widgets plugin. For now, this plugin removed from WordPress plugin repository...

3.1AI score
Exploits0References1Affected Software1
Hacker One
Hacker One
added 2017/08/21 10:49 p.m.28 views

Gratipay: Show hide privacy giving receiving on my website

Hi team .. I found show hide privacy settings on website ... nobody can see on my profile but i put code on my website anybode can see my total giving .. Step reprodence .. 1- go to https://gratipay.com/demo/settings/ click turn on hide total to giving other and hide my self from search result th...

7.1AI score
Exploits0
OSV
OSV
added 2017/01/15 2:59 a.m.1 views

DEBIAN-CVE-2017-5492

Cross-site request forgery CSRF vulnerability in the widget-editing accessibility-mode feature in WordPress before 4.7.1 allows remote attackers to hijack the authentication of unspecified victims for requests that perform a widgets-access action, related to wp-admin/includes/class-wp-screen.php...

8.8CVSS8.9AI score0.0193EPSS
Exploits0References1
OSV
OSV
added 2017/01/15 2:59 a.m.28 views

CVE-2017-5492

Cross-site request forgery CSRF vulnerability in the widget-editing accessibility-mode feature in WordPress before 4.7.1 allows remote attackers to hijack the authentication of unspecified victims for requests that perform a widgets-access action, related to wp-admin/includes/class-wp-screen.php...

8.8CVSS7.2AI score
Exploits0References8
Prion
Prion
added 2017/01/15 2:59 a.m.28 views

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in the widget-editing accessibility-mode feature in WordPress before 4.7.1 allows remote attackers to hijack the authentication of unspecified victims for requests that perform a widgets-access action, related to wp-admin/includes/class-wp-screen.php...

6.8CVSS9.1AI score0.0193EPSS
Exploits0References8Affected Software1
Debian CVE
Debian CVE
added 2017/01/15 2:0 a.m.33 views

CVE-2017-5492

Cross-site request forgery CSRF vulnerability in the widget-editing accessibility-mode feature in WordPress before 4.7.1 allows remote attackers to hijack the authentication of unspecified victims for requests that perform a widgets-access action, related to wp-admin/includes/class-wp-screen.php...

8.8CVSS9.1AI score0.0193EPSS
Exploits0
Hacker One
Hacker One
added 2016/11/29 10:17 p.m.45 views

Pornhub: Stored XSS on the http://ht.pornhub.com/widgets/

The researcher found a stored XSS in the HubTraffic widgets section. I found Stored XSS in the Hubtraffic widgets section. The team was very responsible and fixed the issue fast. Many thanks to the PornHub security team for the bounty and swag i received it already, very cool!...

5.9AI score
Exploits0
CNVD
CNVD
added 2016/10/26 12:0 a.m.3 views

Wordpress plugin content-glass-button has multiple cross-site scripting vulnerabilities

Content Glass is a social tool that allows website users to share widgets with peers-groups with page address fields or TLDs. The Wordpress plugin content-glass-button is vulnerable to an xss vulnerability due to improper filtering of user input, which allows attackers to frame malicious web page...

7.5AI score
Exploits0
Fedora
Fedora
added 2016/07/23 9:6 p.m.23 views

[SECURITY] Fedora 23 Update: kf5-ktextwidgets-5.24.0-1.fc23

KDE Frameworks 5 Tier 3 addon with advanced text edting widgets...

7.5CVSS2AI score0.04429EPSS
Exploits1
Fedora
Fedora
added 2016/07/23 9:6 p.m.25 views

[SECURITY] Fedora 23 Update: kf5-kconfigwidgets-5.24.0-1.fc23

KConfigWidgets provides easy-to-use classes to create configuration dialogs , as well as a set of widgets which uses KConfig to store their settings...

7.5CVSS1.9AI score0.04429EPSS
Exploits1
Fedora
Fedora
added 2016/07/23 9:6 p.m.30 views

[SECURITY] Fedora 23 Update: kf5-kcompletion-5.24.0-1.fc23

KCompletion provides widgets with advanced completion support as well as a lower-level completion class which can be used with your own widgets...

7.5CVSS1.9AI score0.04429EPSS
Exploits1
Fedora
Fedora
added 2016/07/23 7:7 p.m.14 views

[SECURITY] Fedora 24 Update: kf5-kcompletion-5.24.0-1.fc24

KCompletion provides widgets with advanced completion support as well as a lower-level completion class which can be used with your own widgets...

7.5CVSS1.9AI score0.04429EPSS
Exploits1
Fedora
Fedora
added 2016/07/23 7:7 p.m.14 views

[SECURITY] Fedora 24 Update: kf5-kdesignerplugin-5.24.0-1.fc24

This framework provides plugins for Qt Designer that allow it to display the widgets provided by various KDE frameworks, as well as a utility kgendesignerplugin that can be used to generate other such plugins from ini-style description files...

7.5CVSS2.1AI score0.04429EPSS
Exploits1
Hacker One
Hacker One
added 2016/07/08 4:45 a.m.22 views

Bime: Attacker can access graphic representation of every query

Vulnerability details On a dashboard, widgets can be added to show a graphic representation of a query. These queries come from datasources. When creating a widget, a query ID is given. This query ID can be changed in order to obtain the results of the dataset through a scheduled email. This leak...

1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2016/04/25 12:0 a.m.21 views

Fedora 23 : webkitgtk4-2.12.1-1.fc23 (2016-cb7a73c82e)

Highlights in 2.12.0: Enable FTL by default in JavaScriptCore for x8664. Network process is now used unconditionally. The shared secondary process model is now the same as using the multiple process model and setting a process limit of 1. Switch to use overlay scrollbars like all other GTK+ widge...

5.5AI score
Exploits0References1
hackapp
hackapp
added 2016/04/18 5:39 p.m.12 views

Wearable Widgets - Dangerous filesystem permissions, Exported components, External URLs vulnerabilities

HackApp vulnerability scanner discovered that application Wearable Widgets published at the 'play' market has multiple vulnerabilities...

0.2AI score
Exploits0References1Affected Software1
hackapp
hackapp
added 2016/04/01 9:38 a.m.9 views

GO Weather Forecast & Widgets - Customized SSL, Dangerous filesystem permissions, Exported ContentProvider vulnerabilities

HackApp vulnerability scanner discovered that application GO Weather Forecast & Widgets published at the 'play' market has multiple vulnerabilities...

0.2AI score
Exploits0References1Affected Software1
hackapp
hackapp
added 2016/04/01 9:36 a.m.8 views

Weather forecast & widgets - Dangerous filesystem permissions, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Weather forecast & widgets published at the 'play' market has multiple vulnerabilities...

0.5AI score
Exploits0References1Affected Software1
hackapp
hackapp
added 2016/04/01 9:36 a.m.15 views

Wetter Widgets Österreich - Corrupted files, Dynamic Code Loading, Exported components vulnerabilities

HackApp vulnerability scanner discovered that application Wetter Widgets Österreich published at the 'play' market has multiple vulnerabilities...

0.2AI score
Exploits0References1Affected Software1
Rows per page
Query Builder