Lucene search
+L

27 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.1 views

Malicious code in leadconduit-zillow (npm)

The package leadconduit-zillow was found to contain malicious code...

7AI score
Exploits0
OSV
OSV
added 2025/08/14 6:52 p.m.1 views

MAL-2025-25053 Malicious code in leadconduit-zillow (npm)

The package leadconduit-zillow was found to contain malicious code...

7.2AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 10:19 p.m.7 views

CVE-2022-1915

The WP Zillow Review Slider WordPress plugin before 2.4 does not escape a settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite...

4.8CVSS6.1AI score0.00565EPSS
Exploits1References1
Patchstack
Patchstack
added 2023/11/28 12:0 a.m.8 views

WordPress Widgets for Zillow Reviews Plugin <= 11.0.2 is vulnerable to Arbitrary File Upload

Software Widgets for Zillow Reviews Type Plugin Vulnerable versions = 11.0.2 Fixed in 11.1 OWASP Top 10 A3: Injection Classification Arbitrary File Upload CVE CVE-2023-48275 Patch priority Medium CVSS severity Medium 8 Developer Claim ownership PSID 4f292716d1ce Credits Rafie Muhammad Patchstack...

8CVSS7.2AI score0.00535EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/07/18 12:0 a.m.7 views

WordPress Easy Zillow Reviews Plugin < 1.6.2 is vulnerable to Cross Site Scripting (XSS)

Software Easy Zillow Reviews Type Plugin Vulnerable versions 1.6.2 Fixed in 1.6.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 0f45d71ee4e7 Credits Rafie Muhammad Patchstack...

6.8AI score0.00284EPSS
Exploits0References3Affected Software1
OSSF Malicious Packages
OSSF Malicious Packages
added 2023/04/04 2:10 a.m.2 views

Malicious code in @zillow-types/constellation (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f570ad44977228dd333e2cc8ca47ab2bc8b05f057f2d4125c5549f3dd8f1c7f9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSV
OSV
added 2023/04/04 2:10 a.m.15 views

MAL-2023-73 Malicious code in @zillow-types/constellation (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f570ad44977228dd333e2cc8ca47ab2bc8b05f057f2d4125c5549f3dd8f1c7f9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
CNVD
CNVD
added 2022/06/22 12:0 a.m.21 views

WordPress WP Zillow Review Slider plugin跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin. WordPress WP Zillow Review Slider plugin version prior to 2.4 has a cross-site scripting vulnerabilit...

3.5CVSS3.4AI score0.00565EPSS
Exploits1Affected Software1
NVD
NVD
added 2022/06/20 11:15 a.m.16 views

CVE-2022-1915

The WP Zillow Review Slider WordPress plugin before 2.4 does not escape a settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite...

4.8CVSS0.00565EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2022/06/20 11:15 a.m.5 views

CVE-2022-1915

The WP Zillow Review Slider WordPress plugin before 2.4 does not escape a settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite...

4.8CVSS5.8AI score0.00565EPSS
Exploits1References2
OSV
OSV
added 2022/06/20 11:15 a.m.4 views

CVE-2022-1915

The WP Zillow Review Slider WordPress plugin before 2.4 does not escape a settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite...

4.8CVSS5.8AI score0.00565EPSS
Exploits1References1
Prion
Prion
added 2022/06/20 11:15 a.m.21 views

Cross site scripting

The WP Zillow Review Slider WordPress plugin before 2.4 does not escape a settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite...

3.5CVSS4.7AI score0.00565EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2022/06/20 10:26 a.m.61 views

CVE-2022-1915

The CVE-2022-1915 entry concerns the WordPress plugin WP Zillow Review Slider, affected in versions before 2.4. The vulnerability is a Cross-Site Scripting flaw caused by improper escaping of a settings field, which could allow high-privilege users to inject JavaScript (even when unfiltered_html ...

4.8CVSS4.8AI score0.00565EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2022/06/20 10:26 a.m.21 views

CVE-2022-1915 WP Zillow Review Slider < 2.4 - Admin+ Stored Cross-Site Scripting

The WP Zillow Review Slider WordPress plugin before 2.4 does not escape a settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite...

5AI score0.00565EPSS
Exploits1References1
CNNVD
CNNVD
added 2022/06/20 12:0 a.m.6 views

WordPress plugin WP Zillow Review Slider 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin. WordPress WP Zillow Review Slider plugin version prior to 2.4 has a cross-site scripting vulnerabilit...

4.8CVSS5.2AI score0.00565EPSS
Exploits1References2
Patchstack
Patchstack
added 2022/02/28 12:0 a.m.5 views

WordPress Easy Zillow Reviews plugin <= 1.4.0 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress Easy Zillow Reviews plugin versions = 1.4.0. Solution Update the WordPress Easy Zillow Reviews plugin to the latest available version at least 1.4.1...

2.9AI score
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2022/02/28 12:0 a.m.7 views

WordPress Easy Zillow Reviews plugin <= 1.4.0 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress Easy Zillow Reviews plugin versions = 1.4.0. Solution Update the WordPress Easy Zillow Reviews plugin to the latest available version at least 1.4.1...

4.2AI score
Exploits0References2Affected Software1
ThreatPost
ThreatPost
added 2021/03/03 7:12 p.m.43 views

Malicious Code Bombs Target Amazon, Lyft, Slack, Zillow

Researchers have spotted malicious packages targeting internal applications for Amazon, Lyft, Slack and Zillow among others inside the npm public code repository — all of which exfiltrate sensitive information. The packages weaponize a proof-of-concept PoC code dependency-confusion exploit that w...

7.2AI score
Exploits0References6
ThreatPost
ThreatPost
added 2018/04/19 1:44 p.m.9 views

Chris Vickery Discusses Data Leak of 48 Million Users by Private Intelligence Firm

SAN FRANCISCO – Profile data of 48 million users that was scraped from social networks and websites ranging from Facebook, LinkedIn, Zillow and Twitter was leaked by a private intelligence agency. The data was left on an Amazon S3 storage bucket accessible without a password by Localblox, the...

0.2AI score
Exploits0References2
Openbugbounty
Openbugbounty
added 2018/02/28 4:39 p.m.14 views

zillow.com XSS vulnerability

Open Bug Bounty ID: OBB-571189 Description| Value ---|--- Affected Website:| zillow.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

6.3AI score
Exploits0
Rows per page
Query Builder