Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.9
CVE-2024-5604
- EPSS 0.19%
- Veröffentlicht 19.07.2024 06:15:03
- Zuletzt bearbeitet 16.05.2025 13:01:32
The Bug Library WordPress plugin before 2.1.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowe...
9.1
CVE-2024-5450
- EPSS 2.07%
- Veröffentlicht 13.07.2024 06:15:04
- Zuletzt bearbeitet 13.05.2025 16:22:28
The Bug Library WordPress plugin before 2.1.1 does not check the file type on user-submitted bug reports, allowing an unauthenticated user to upload PHP files
6.1
CVE-2021-38355
- EPSS 0.21%
- Veröffentlicht 10.09.2021 14:15:10
- Zuletzt bearbeitet 21.11.2024 06:16:53
The Bug Library WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the successimportcount parameter found in the ~/bug-library.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 2.0.3.
1