Search Results | AttackerKB

4 Total Results

Displaying 1-4 of 4

Attacker Value

Unknown

CVE-2023-29437

Disclosure Date: June 26, 2023 (last updated October 08, 2023)

Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Steven A. Zahm Connections Business Directory plugin <= 10.4.36 versions.

Attacker Value

Unknown

CVE-2020-36503

Disclosure Date: November 01, 2021 (last updated November 29, 2024)

The Connections Business Directory WordPress plugin before 9.7 does not validate or sanitise some connections' fields, which could lead to a CSV injection issue

Attack Vector: Network Privileges: Low User Interaction: Required

Attacker Value

Unknown

CVE-2021-24794

Disclosure Date: November 01, 2021 (last updated November 28, 2024)

The Connections Business Directory WordPress plugin before 10.4.3 does not escape the Address settings when creating an Entry, which could allow high privilege users to perform Cross-Site Scripting when the unfiltered_html capability is disallowed.

Attack Vector: Network Privileges: High User Interaction: Required

Attacker Value

Unknown

CVE-2011-5254

Disclosure Date: January 12, 2013 (last updated October 05, 2023)

Unspecified vulnerability in the Connections plugin before 0.7.1.6 for WordPress has unknown impact and attack vectors.

4 Total Results

Displaying 1-4 of 4

Unknown

CVE-2023-29437

Unknown

CVE-2020-36503

Unknown

CVE-2021-24794

Unknown

CVE-2011-5254

Quick Cookie Notification