The Easy Forms for Mailchimp WordPress plugin through 6.8.10 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is...
AI Score: 6
EPSS: 0.0004
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in YIKES, Inc. Easy Forms for Mailchimp plugin <= 6.8.8...
AI Score: 6.1
EPSS: 0.0005
A vulnerability classified as problematic has been found in yikes-inc-easy-mailchimp-extender Plugin up to 6.8.5. This affects an unknown part of the file admin/partials/ajax/add_field_to_form.php. The manipulation of the argument field_name/merge_tag/field_type/list_id leads to cross site...
AI Score: 6
EPSS: 0.001
The Easy Forms for Mailchimp WordPress plugin before 6.8.9 does not sanitise and escape a parameter before outputting it back in the page when the debug option is enabled, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as...
AI Score: 6.2
EPSS: 0.001
The Easy Forms for Mailchimp WordPress plugin before 6.8.9 does not sanitise and escape some of its form parameters, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite.....
AI Score: 5.8
EPSS: 0.0005
The Easy Forms for Mailchimp WordPress plugin before 6.8.8 does not sanitise and escape some parameters before outputting them back in the response, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as...
AI Score: 6.2
EPSS: 0.001
The Easy Forms for Mailchimp WordPress plugin before 6.8.7 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embedded, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting...
AI Score: 6
EPSS: 0.001
The OpenPGP specification allows a Cipher Feedback Mode (CFB) malleability-gadget attack that can indirectly lead to plaintext exfiltration, aka EFAIL. NOTE: third parties report that this is a problem in applications that mishandle the Modification Detection Code (MDC) feature or accept an...
CVSS: 5.9
AI Score: 5.7
EPSS: 0.008
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully...
CVSS: 7.5
AI Score: 7.5
EPSS: 0.021
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully...
CVSS: 7.5
AI Score: 7.5
EPSS: 0.021
A security feature bypass vulnerability exists when Microsoft browsers improperly handle requests of different origins. The vulnerability allows Microsoft browsers to bypass Same-Origin Policy (SOP) restrictions, and to allow requests that should otherwise be ignored. An attacker who successfully.....
CVSS: 4.3
AI Score: 4.8
EPSS: 0.001
A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory. The vulnerability could corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the...
CVSS: 6.4
AI Score: 7.5
EPSS: 0.006
A vulnerability, which was classified as problematic, was found in CodeAstro Internet Banking System 1.0. This affects an unknown part of the file pages_client_signup.php. The manipulation of the argument Client Full Name with the input leads to open redirect. It is possible to initiate the...
CVSS: 6.1
AI Score: 7.3
EPSS: 0.001
A vulnerability, which was classified as problematic, has been found in CodeAstro Internet Banking System 1.0. This issue affects some unknown processing of the file pages_view_client.php. The manipulation of the argument acc_name with the input Johnnie Reyes'"()&%alert(5646) leads to cross site...
CVSS: 6.1
AI Score: 6.8
EPSS: 0.001
A vulnerability classified as problematic was found in CodeAstro Internet Banking System 1.0. This vulnerability affects unknown code of the file pages_deposit_money.php. The manipulation of the argument account_number with the input...
CVSS: 6.1
AI Score: 6.9
EPSS: 0.001
A vulnerability was found in CodeAstro Internet Banking System 1.0. It has been classified as problematic. Affected is an unknown function of the file pages_system_settings.php. The manipulation of the argument sys_name with the input alert(991) leads to cross site scripting. It is possible to...
CVSS: 6.1
AI Score: 6.7
EPSS: 0.001
A vulnerability was found in CodeAstro Internet Banking System 1.0 and classified as critical. This issue affects some unknown processing of the file pages_reset_pwd.php. The manipulation of the argument email leads to sql injection. The attack may be initiated remotely. The exploit has been...
CVSS: 9.8
AI Score: 8
EPSS: 0.001
A vulnerability classified as problematic was found in CodeAstro Internet Banking System 1.0. Affected by this vulnerability is an unknown functionality of the file pages_client_signup.php. The manipulation of the argument Client Full Name leads to cross site scripting. The attack can be launched.....
CVSS: 5.4
AI Score: 6.7
EPSS: 0.001
A vulnerability, which was classified as critical, has been found in CodeAstro Internet Banking System up to 1.0. This issue affects some unknown processing of the file pages_account.php of the component Profile Picture Handler. The manipulation leads to unrestricted upload. The attack may be...
CVSS: 9.8
AI Score: 7.4
EPSS: 0.001
A vulnerability classified as problematic has been found in CodeAstro Internet Banking System 1.0. This affects an unknown part of the file pages_withdraw_money.php. The manipulation of the argument account_number with the input...
CVSS: 6.1
AI Score: 6.7
EPSS: 0.001
A vulnerability was found in CodeAstro Internet Banking System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file pages_transfer_money.php. The manipulation of the argument account_number with the input...
CVSS: 6.1
AI Score: 6.7
EPSS: 0.001
Election Services Co. (ESC) Internet Election Service is vulnerable to SQL injection in multiple pages and parameters. These vulnerabilities allow an unauthenticated, remote attacker to read or modify data for any elections that share the same backend database. ESC deactivated older and unused...
CVSS: 9.8
AI Score: 8.7
EPSS: 0.001
A vulnerability was found in CodeAstro Internet Banking System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file pages_reset_pwd.php. The manipulation of the argument email with the input testing%40example.com'%26%25alert(9860) leads...
CVSS: 6.1
AI Score: 6.8
EPSS: 0.001
Jira Netic Group Export <1.0.3 - Missing Authorization
Jira Netic Group Export add-on before 1.0.3 contains a missing authorization vulnerability. The add-on does not perform authorization checks, which can allow an unauthenticated user to export all groups from the Jira instance by making a groupexport_download=true request to a...
AI Score: 5.5
EPSS: 0.195
PDoS using high notification channel group count limit
In PreferencesHelper.java, an uncaught exception may cause the device to get stuck in a boot loop. This could lead to local persistent denial of service with no additional execution privileges needed. User interaction is not needed for...
AI Score: 6.3
EPSS: 0.0004