Vulnerabilities
Vulnerable Software
Marcomilesi:  Security Vulnerabilities
Cross-Site Request Forgery (CSRF) vulnerability in Marco Milesi Browser Theme Color.This issue affects Browser Theme Color: from n/a through 1.3.
CVSS Score
4.3
EPSS Score
0.001
Published
2024-01-31
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Marco Milesi ANAC XML Bandi di Gara plugin <= 7.5 versions.
CVSS Score
6.5
EPSS Score
0.001
Published
2023-11-16
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Marco Milesi ANAC XML Viewer plugin <= 1.7 versions.
CVSS Score
5.9
EPSS Score
0.001
Published
2023-11-16
Auth. (editor+) Stored Cross-Site Scripting (XSS) vulnerability in Marco Milesi ANAC XML Bandi di Gara plugin <= 7.5 versions.
CVSS Score
5.9
EPSS Score
0.001
Published
2023-11-14
Cross-Site Request Forgery (CSRF) vulnerability in Marco Milesi WP Attachments allows Cross Site Request Forgery.This issue affects WP Attachments: from n/a through 5.0.11.
CVSS Score
4.3
EPSS Score
0.001
Published
2023-10-16
The WP Attachments WordPress plugin before 5.0.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).
CVSS Score
4.8
EPSS Score
0.001
Published
2023-01-16
The WP Attachments WordPress plugin before 5.0.5 does not sanitize and escapes some of its settings, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example, in multisite setup).
CVSS Score
4.8
EPSS Score
0.002
Published
2022-11-14


Contact Us

Shodan ® - All rights reserved