CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5 matches found

RedhatCVE•added 2025/05/23 10:33 a.m.•4 views

CVE-2024-8656

The WPFactory Helper plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 1.7.0. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in page...

6.1CVSS6.4AI score0.00977EPSS

Exploits0References1

NVD•added 2024/09/13 4:15 a.m.•10 views

CVE-2024-8656

6.1CVSS0.00977EPSS

Exploits0References3

CVE•added 2024/09/13 3:27 a.m.•49 views

CVE-2024-8656

The WPFactory Helper plugin for WordPress is affected by CVE-2024-8656: Reflected Cross‑Site Scripting in all versions up to and including 1.7.0 due to insufficient escaping in add_query_arg. This allows unauthenticated attackers to inject scripts in pages triggered by user actions. Patch: update...

6.1CVSS6.3AI score0.00977EPSS

Exploits0References3Affected Software1

NVD•added 2023/08/05 11:15 p.m.•11 views

CVE-2023-36689

Unauth. Reflected Cross-Site Scripting XSS vulnerability in WPFactory WPFactory Helper plugin = 1.5.2 versions...

7.1CVSS6.2AI score0.00105EPSS

Exploits0References1