Lucene search
K
WpvulndbRecent

14602 matches found

WPVulnDB
WPVulnDB
added 2024/05/03 12:0 a.m.16 views

Testimonial Slider < 1.3.3 - Authenticated (Contributor+) Stored Cross-Site Scripting

Description The Testimonial Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'testimonialcategory' shortcode in all versions up to, and including, 1.3.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible f...

6.4CVSS5.5AI score0.00353EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/03 12:0 a.m.10 views

ConvertPlug < 3.5.26 - Missing Authorization to Authenticated (Subscriber+) Limited Arbitrary Options Update

Description The ConvertPlug plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the cpdismissnotice function in all versions up to, and including, 3.5.25. This makes it possible for authenticated attackers, with subscriber-level access and...

5.4CVSS6.6AI score0.00368EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/03 12:0 a.m.13 views

Stop Spammers Security | Block Spam Users, Comments, Forms < 2024.5 - Cross-Site Request Forgery (CSRF) via sfs_process

Description The Stop Spammers Security | Block Spam Users, Comments, Forms plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2024.4. This is due to missing or incorrect nonce validation on the sfsprocess AJAX action. This makes it possible for...

5.4CVSS6.6AI score0.00194EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/03 12:0 a.m.13 views

Gutenberg Blocks by Kadence Blocks < 3.2.35 - Contributor+ Stored XSS

Description The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admin...

6.4CVSS6AI score0.0032EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/03 12:0 a.m.17 views

Hummingbird < 3.7.4 - Missing Authorization

Description The Hummingbird plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on several functions in the /admin/class-ajax.php file in versions up to, and including, 3.7.3. This makes it possible for unauthenticated attackers to perform unauthorized...

5.3CVSS7AI score0.00283EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/03 12:0 a.m.18 views

Jeg Elementor Kit < 2.6.5 - Contributor+ Stored XSS via Elementor Widget URL Custom Attributes

Description The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admin...

6.4CVSS6AI score0.00402EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/03 12:0 a.m.20 views

Supreme Modules Lite – Divi Theme, Extra Theme and Divi Builder < 2.5.4 - Contrib+ DOM-Based Cross-Site Scripting

Description The Supreme Modules Lite – Divi Theme, Extra Theme and Divi Builder plugin for WordPress is vulnerable to DOM-Based Cross-Site Scripting via the ‘typingcursor’ parameter in versions up to, and including, 2.5.3 due to insufficient input sanitization and output escaping. This makes it...

6.4CVSS6.1AI score0.00563EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/03 12:0 a.m.29 views

Drag and Drop Multiple File Upload – Contact Form 7 < 1.3.7.8 - Sensitive Information Exposure

Description The Drag and Drop Multiple File Upload – Contact Form 7 plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.3.7.7 via the '/wp-content/uploads/wpdndcf7uploads/wpcf7-files' directory. This makes it possible for unauthenticated...

5.3CVSS6.7AI score0.0065EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/03 12:0 a.m.11 views

Breakdance < 1.7.1 - Authenticated(Contributor+) Stored Cross-Site Scripting via custom postmeta

Description The Breakdance plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's custom postmeta output in all versions up to, and including, 1.7.0 due to insufficient input sanitization and output escaping on user supplied post meta fields. This makes it possible for...

6.4CVSS5.7AI score0.00324EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/03 12:0 a.m.13 views

Simple Basic Contact Form < 20240502 - Reflected Cross-Site Scripting

Description The Simple Basic Contact Form plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘scfemail’ parameter in versions up to, and including, 20221201 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers t...

6.1CVSS6.1AI score0.00507EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/03 12:0 a.m.17 views

Folders Pro < 3.0.3 - Authenticated (Subscriber+) Stored Cross-Site Scripting via User First Name and Last Name

Description The Folders Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via a user's First Name and Last Name in all versions up to, and including, 3.0.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

5.4CVSS5.7AI score0.00369EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/03 12:0 a.m.11 views

ConvertPlug < 3.5.26 - Authenticated (Contributor+) PHP Object Injection

Description The ConvertPlug plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.5.25 via deserialization of untrusted input from the 'settingsencoded' attribute of the 'smileinfobar' shortcode. This makes it possible for authenticated attackers, with...

8.8CVSS7.1AI score0.00769EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/03 12:0 a.m.10 views

Flexible Shipping < 4.24.16 - Missing Authorization

Description The Flexible Shipping plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in versions up to, and including, 4.24.15. This makes it possible for authenticated attackers, with subscriber-level access and above, to perform an...

4.3CVSS6.7AI score0.00337EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/03 12:0 a.m.24 views

Photo Gallery by 10Web < 1.8.21 - Missing Authorization

Description The Photo Gallery by 10Web – Mobile-Friendly Image Gallery plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in all versions up to, and including, 1.8.20. This makes it possible for unauthenticated attackers to perform an...

5.3CVSS7AI score0.00372EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/03 12:0 a.m.17 views

WP Masquerade <= 1.1.0 - Subscriber+ Account Takeover

Description The WP Masquerade plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.1.0. This makes it possible for authenticated attackers, with subscriber-level access and above, to access other users accounts which may be higher in privilege...

8.8CVSS7.1AI score0.00476EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2024/05/03 12:0 a.m.17 views

Giveaways and Contests by RafflePress < 1.12.11 - IP Spoofing

Description The Giveaways and Contests by RafflePress – Get More Website Traffic, Email Subscribers, and Social Followers plugin for WordPress is vulnerable to IP Address Spoofing in all versions up to, and including, 1.12.7 due to insufficient IP address validation. This makes it possible for...

5.3CVSS7AI score0.00385EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/03 12:0 a.m.14 views

Multiple Themes by jegstudio - Multiple Versions - Missing Authorization to Notice Dismissal

Description Multiple theme for WordPress by jegstudio are vulnerable to unauthorized modification of data due to a missing capability check on the noticeclosed function in versions up to, and including, 1.0.3. This makes it possible for authenticated attackers, with subscriber-level access and...

6.8AI score0.00155EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/03 12:0 a.m.16 views

ProfileGrid < 5.8.3 - Bypass Group Members Limit

Description The ProfileGrid – User Profiles, Memberships, Groups and Communities plugin for WordPress is vulnerable to group limit bypass in all versions up to, and including, 5.8.2. This is due to the plugin not properly verifying the limits of a group before adding a member. This makes it...

8.8CVSS6.8AI score0.00468EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/03 12:0 a.m.15 views

Premium Addons for Elementor < 4.10.31 - Contributor+ Stored XSS

Description The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admin...

5.4CVSS6AI score0.0048EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/03 12:0 a.m.19 views

WP Time Slots Booking Form < 1.2.07 - Unauthenticated Price Manipulation

Description The WP Time Slots Booking Form plugin for WordPress is vulnerable to price manipulation due to insufficient server-side validation of prices in versions up to, and including, 1.2.06. This makes it possible for unauthenticated attackers to alter the price of bookings...

7.5CVSS7.1AI score0.00417EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/03 12:0 a.m.17 views

Jeg Elementor Kit < 2.6.5 - Contributor+ Stored XSS via Countdown Widget

Description The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admin...

6.4CVSS6AI score0.00433EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/03 12:0 a.m.18 views

ShopLentor (formerly WooLentor) < 2.8.8 - Missing Authorization

Description The ShopLentor formerly WooLentor plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the purchasednewproducts function in all versions up to, and including, 2.8.7. This makes it possible for unauthenticated attackers to view all...

5.3CVSS6.3AI score0.00676EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/03 12:0 a.m.15 views

Import and export users and customers < 1.26.6 - Missing Authorization

Description The Import and export users and customers plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ajaxforceresetpassworddeletemetas function in all versions up to, and including, 1.26.5. This makes it possible for authenticated...

4.3CVSS6.6AI score0.00431EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/03 12:0 a.m.12 views

SimpleShop < 2.10.1 - Cross-Site Request Forgery

Description The SimpleShop plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.10.0. This is due to missing or incorrect nonce validation on the maybedisconnectsimpleshop function. This makes it possible for unauthenticated attackers to...

4.3CVSS6.1AI score0.00582EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/03 12:0 a.m.18 views

Swift Framework <= 2.7.31 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcodes

Description The Swift Framework plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several of the plugin's shortcodes in all versions up to, and including, 2.7.31 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

5.3CVSS5.5AI score0.00365EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2024/05/03 12:0 a.m.15 views

FG Joomla to WordPress < 4.21.0 - Sensitive Information Exposure

Description The FG Joomla to WordPress plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.20.2 via log files. This makes it possible for unauthenticated attackers to view potentially sensitive information in log files...

5.3CVSS6.5AI score0.00547EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/03 12:0 a.m.8 views

USPS Shipping for WooCommerce – Live Rates < 1.10.0 - Sensitive Information Exposure

Description The USPS Shipping for WooCommerce – Live Rates plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.9.4 via log files. This makes it possible for unauthenticated users to extract potentially sensitive information from log files...

5.3CVSS6.6AI score0.00365EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/03 12:0 a.m.19 views

Customer Email Verification for WooCommerce < 2.7.5 - Authentication Bypass

Description The Customer Email Verification for WooCommerce plugin for WordPress is vulnerable to Email Verification and Authentication Bypass in all versions up to, and including, 2.7.4 via the use of insufficiently random activation code. This makes it possible for unauthenticated attackers to...

8.1CVSS7.2AI score0.0085EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/03 12:0 a.m.13 views

Simple Membership < 4.4.6 - Authenticated(Contributor+) Stored Cross-Site Scripting via Shortcode

Description The Simple Membership plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'swpmpaypalsubscriptioncancellink' shortcode in all versions up to, and including, 4.4.5 due to insufficient input sanitization and output escaping on user supplied attributes. Thi...

6.4CVSS5.5AI score0.00429EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/03 12:0 a.m.15 views

Simply Static < 3.1.4 - Unauthenticated Information Exposure

Description The Simply Static plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.1.3 through publicly exposed log files. This makes it possible for unauthenticated attackers to view potentially sensitive information contained in the expose...

7.5CVSS6.6AI score0.02015EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/03 12:0 a.m.14 views

Popup Builder by OptinMonster – WordPress Popups for Optins, Email Newsletters and Lead Generation < 2.16.0 - Cross-Site Request Forgery to Notice Dismissal

Description The OptinMonster plugin is vulnerable to Cross-Site Request Forgery. This is due to missing or incorrect nonce validation on the validatepleaseconnectnoticedismiss function. This makes it possible for unauthenticated attackers to dismiss notices via a forged request granted they can...

4.3CVSS6.8AI score0.00201EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/03 12:0 a.m.18 views

ColibriWP Theme framework - Various Versions and Themes - Missing Authorization

Description The ColibriWP Theme framework used by multiple themes for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'activateplugin' AJAX action in various versions. This makes it possible for authenticated attackers, with subscriber-level...

4.3CVSS6.9AI score0.00507EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/03 12:0 a.m.11 views

Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders < 5.9.18 - Contributor+ Stored XSS

Description The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders is vulnerable to Stored Cross-Site Scripting via the ‘eaeleventtextcolor’ parameter...

6.4CVSS6AI score0.00602EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/03 12:0 a.m.19 views

ShopLentor – WooCommerce Builder for Elementor & Gutenberg +12 Modules – All in One Solution (formerly WooLentor) < 2.8.8 - Contributor+ Stored XSS

Description The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admin...

6.4CVSS6.1AI score0.00423EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/03 12:0 a.m.21 views

ElementsKit Elementor addons 3.0.7 - 3.1.2 - Contributor+ Stored XSS

Description The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admin...

6.4CVSS6AI score0.00423EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/03 12:0 a.m.13 views

Swift Framework <= 2.7.31 - Missing Authorization to Unauthenticated Arbitrary Content Update

Description The Swift Framework plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the sfeditdirectoryitem function in all versions up to, and including, 2.7.31. This makes it possible for unauthenticated attackers to update arbitrary post...

5.3CVSS6.5AI score0.00377EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2024/05/03 12:0 a.m.22 views

Car Dealer < 4.16 - Admin+ Content Injection

Description The Car Dealer Dealership and Vehicle sales plugin for WordPress is vulnerable to unauthorized content injection due to insufficient input validation in all versions up to, and including, 4.15. This makes it possible for authenticated attackers, with administrator-level access and...

2.7CVSS6.9AI score0.00373EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/03 12:0 a.m.15 views

Premium Addons for Elementor < 4.10.26 - Contributor+ Stored XSS

Description The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admin...

6.5CVSS6.1AI score0.00323EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/03 12:0 a.m.27 views

Blocksy < 2.0.34 - Contributor+ Stored XSS

Description The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admin...

6.5CVSS6.1AI score0.00323EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/03 12:0 a.m.16 views

Maintenance Mode by helderk < 3.0.2 - Unauthenticated IP Spoofing

Description The Maintenance Mode plugin for WordPress is vulnerable to IP Address Spoofing in all versions up to, and including, 3.0.1 due to insufficient IP address validation. This makes it possible for unauthenticated attackers to spoof their IP Address...

3.7CVSS7AI score0.00373EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/03 12:0 a.m.24 views

Pricing Table by Supsystic < 1.9.13 - Admin+ Content Injection

Description The Pricing Table by Supsystic plugin for WordPress is vulnerable to content injection in all versions up to, and including, 1.9.12. This makes it possible for authenticated attackers, with admin-level access and above, to inject arbitrary content. This is not a security issue by...

4.3CVSS7.2AI score0.00346EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/03 12:0 a.m.18 views

WP Fusion Lite – Marketing Automation and CRM Integration for WordPress < 3.43.0 - Information Exposure

Description The WP Fusion Lite – Marketing Automation and CRM Integration for WordPress plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.42.10 through publicly exposed log files. This makes it possible for unauthenticated attackers to vi...

4.3CVSS6.5AI score0.00534EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/03 12:0 a.m.11 views

Solid Affiliate <= 1.9.1 - Sensitive Information Exposure

Description The Solid Affiliate plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.9.1 through publicly exposed log files. This makes it possible for unauthenticated attackers to view potentially sensitive information contained in the...

7.5CVSS6.6AI score0.00556EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2024/05/03 12:0 a.m.16 views

Newsletters < 4.9.6 - Information Exposure via Log files

Description The Newsletters plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.9.5. This makes it possible for unauthenticated attackers to extract potentially sensitive information from log files...

7.5CVSS6.7AI score0.0068EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/03 12:0 a.m.18 views

Metform Elementor Contact Form Builder < 3.8.4 - Missing Authorization to Notice Dismissal

Description The Metform Elementor Contact Form Builder is vulnerable to unauthorized modification of data due to a missing capability check on the dismissajaxcall function. This makes it possible for authenticated attackers, with subscriber-level access and above, to dismiss notices...

8.8CVSS6.8AI score0.00439EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/03 12:0 a.m.18 views

HT Mega – Absolute Addons For Elementor < 2.4.8 - Missing Authorization to Information Exposure

Description The HT Mega plugin for WordPress is vulnerable to unauthorized access of data due to an insufficient capability check on the duplicate function in all versions up to, and including, 2.4.7. This makes it possible for authenticated attackers, with contributor-level access and above, to...

6.5CVSS6.7AI score0.00871EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/03 12:0 a.m.12 views

SimpleShop < 2.10.3 - Missing Authorization

Description The SimpleShop plugin for WordPress is vulnerable to unauthorized disconnection from SimpleShop due to a missing capability check on the maybedisconnectsimpleshop function in all versions up to, and including, 2.10.2. This makes it possible for unauthenticated attackers to disconnect...

5.3CVSS6.4AI score0.00623EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/03 12:0 a.m.18 views

WP GDPR Compliance <= 2.0.23 - Cross-Site Request Forgery

Description The WP GDPR Compliance plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0.23. This is due to missing or incorrect nonce validation on a function. This makes it possible for unauthenticated attackers to perform an unauthorized...

5.4CVSS6.7AI score0.00257EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2024/05/03 12:0 a.m.28 views

Royal Elementor Addons < 1.3.95 - Unauthenticated IP Spoofing

Description The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to IP Address Spoofing due to insufficient IP address validation. This makes it possible for unauthenticated attackers to spoof their IP addresses. PoC Set any of the following server headers as used in...

9.8CVSS5.3AI score0.00455EPSS
Exploits1References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/02 12:0 a.m.16 views

Pet Manager <= 1.4 - Contributor+ Stored XSS

Description The plugin does not sanitise and escape some of its Pet settings, which could allow high privilege users such as Contributor to perform Stored Cross-Site Scripting attacks. PoC 1. Go to "Pets Add Pet" 2. In the "Address" field add the payload " style=animation-name:rotation...

5.5AI score0.00351EPSS
Exploits2
Total number of security vulnerabilities14602