Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
WondercmsWondercms

9 matches found

CVE
CVEadded 2024/04/17 9:15 p.m.50 views

CVE-2024-32338

A cross-site scripting (XSS) vulnerability in the Settings section of WonderCMS v3.4.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the PAGE TITLE parameter under the Current Page module.

5.4CVSS5.8AI score0.00145EPSS
CVE
CVEadded 2024/04/17 9:15 p.m.50 views

CVE-2024-32340

A cross-site scripting (XSS) vulnerability in the Settings section of WonderCMS v3.4.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the WEBSITE TITLE parameter under the Menu module.

9.6CVSS5.8AI score0.0011EPSS
CVE
CVEadded 2024/04/17 9:15 p.m.48 views

CVE-2024-32341

Multiple cross-site scripting (XSS) vulnerabilities in the Home page of WonderCMS v3.4.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into any of the parameters.

5.4CVSS6AI score0.00131EPSS
CVE
CVEadded 2024/04/17 9:15 p.m.46 views

CVE-2024-32337

A cross-site scripting (XSS) vulnerability in the Settings section of WonderCMS v3.4.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the ADMIN LOGIN URL parameter under the Security module.

6.1CVSS5.8AI score0.00096EPSS
CVE
CVEadded 2024/04/17 9:15 p.m.44 views

CVE-2024-32744

A cross-site scripting (XSS) vulnerability in the Settings section of WonderCMS v3.4.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the PAGE KEYWORDS parameter under the CURRENT PAGE module.

4.6CVSS5.8AI score0.00089EPSS
CVE
CVEadded 2024/04/17 9:15 p.m.41 views

CVE-2024-32746

A cross-site scripting (XSS) vulnerability in the Settings section of WonderCMS v3.4.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the MENU parameter under the Menu module.

4.6CVSS5.8AI score0.00073EPSS
CVE
CVEadded 2024/04/17 9:15 p.m.39 views

CVE-2024-32339

Multiple cross-site scripting (XSS) vulnerabilities in the HOW TO page of WonderCMS v3.4.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into any of the parameters.

6.1CVSS6AI score0.0014EPSS
CVE
CVEadded 2024/04/17 9:15 p.m.39 views

CVE-2024-32743

A cross-site scripting (XSS) vulnerability in the Settings section of WonderCMS v3.4.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the SITE LANGUAGE CONFIG parameter under the Security module.

5.5CVSS5.8AI score0.00069EPSS
CVE
CVEadded 2024/04/17 9:15 p.m.38 views

CVE-2024-32745

A cross-site scripting (XSS) vulnerability in the Settings section of WonderCMS v3.4.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the PAGE DESCRIPTION parameter under the CURRENT PAGE module.

5.9CVSS5.8AI score0.00047EPSS