Search Results | AttackerKB

Show filters

Topics 132 Users 9,713

Clear All

Disclosure Date

Disclosure Year Disclosure Month

Collection Command and Control Credential Access Defense Evasion Discovery Execution Exfiltration Impact Initial Access Lateral Movement Persistence Privilege Escalation

132 Total Results

Displaying 111-120 of 132

Attacker Value

Unknown

CVE-2025-23462

Disclosure Date: January 22, 2025 (last updated January 23, 2025)

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound FWD Slider allows Reflected XSS. This issue affects FWD Slider: from n/a through 1.0.

0

Attacker Value

Unknown

CVE-2025-23449

Disclosure Date: January 22, 2025 (last updated January 23, 2025)

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Simple shortcode buttons allows Reflected XSS. This issue affects Simple shortcode buttons: from n/a through 1.3.2.

0

Attacker Value

Unknown

CVE-2025-22772

Disclosure Date: January 22, 2025 (last updated January 23, 2025)

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Mapbox for WP Advanced allows Reflected XSS. This issue affects Mapbox for WP Advanced: from n/a through 1.0.0.

0

Attacker Value

Unknown

CVE-2025-22763

Disclosure Date: January 21, 2025 (last updated January 22, 2025)

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Brizy Pro allows Reflected XSS. This issue affects Brizy Pro: from n/a through 2.6.1.

0

Attacker Value

Unknown

CVE-2025-22553

Disclosure Date: January 21, 2025 (last updated January 22, 2025)

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in NotFound Multiple Carousel allows SQL Injection. This issue affects Multiple Carousel: from n/a through 2.0.

0

Attacker Value

Unknown

CVE-2025-22322

Disclosure Date: January 21, 2025 (last updated January 22, 2025)

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Private Messages for UserPro allows Reflected XSS. This issue affects Private Messages for UserPro: from n/a through 4.10.0.

0

Attacker Value

Unknown

CVE-2025-22311

Disclosure Date: January 21, 2025 (last updated January 22, 2025)

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in NotFound Private Messages for UserPro. This issue affects Private Messages for UserPro: from n/a through 4.10.0.

0

Attacker Value

Unknown

CVE-2025-22262

Disclosure Date: January 21, 2025 (last updated January 22, 2025)

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Bonjour Bar allows Stored XSS. This issue affects Bonjour Bar: from n/a through 1.0.0.

0

Attacker Value

Unknown

CVE-2024-51919

Disclosure Date: January 21, 2025 (last updated January 22, 2025)

Unrestricted Upload of File with Dangerous Type vulnerability in NotFound Fancy Product Designer. This issue affects Fancy Product Designer: from n/a through 6.4.3.

0

Attacker Value

Unknown

CVE-2024-51888

Disclosure Date: January 21, 2025 (last updated January 22, 2025)

Incorrect Privilege Assignment vulnerability in NotFound Homey Login Register allows Privilege Escalation. This issue affects Homey Login Register: from n/a through 2.4.0.

0