3 matches found
CVE-2024-5604
CVE-2024-5604 affects the Bug Library WordPress plugin in versions before 2.1.2. The plugin does not sanitize or escape certain settings, which allows high-privilege users (e.g., admins) to perform stored XSS even when the unfiltered_html capability is disallowed (e.g., in a multisite setup). Pu...
CVE-2024-5450
CVE-2024-5450 affects the WordPress Bug Library plugin prior to version 2.1.1. The vulnerability arises because the plugin does not validate the file type of files submitted with bug reports, enabling an unauthenticated user to upload PHP files (remote code execution risk). Affected product: Word...
CVE-2021-38355
CVE-2021-38355 affects the WordPress Bug Library plugin up to version 2.0.3. The vulnerability is reflected cross-site scripting (XSS) via the successimportcount parameter in ~/bug-library.php, which allows attackers to inject arbitrary web scripts. Exploitation details are not provided in the supplied d...