Vulmon
jquery jquery - vulnerabilities and exploits
5
CVSSv2
CVE-2021-43306
An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the jquery-validation npm package when an attacker is able to supply arbitrary input to the url2 method.
Jqueryvalidation Jquery Validation
NA
CVE-2022-31160
jQuery UI is a curated set of user interface interactions, effects, widgets, and themes built on top of jQuery. Versions before 1.13.2 are potentially vulnerable to cross-site scripting. Initializing a checkboxradio widget on an input enclosed within a label makes that parent lab...
Jqueryui Jquery Ui
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H410s Firmware -
Netapp H410c Firmware -
Netapp Oncommand Insight -
Drupal Jquery Ui Checkboxradio 8.x-1.2
Drupal Jquery Ui Checkboxradio 8.x-1.1
Drupal Jquery Ui Checkboxradio 8.x-1.0
Drupal Jquery Ui Checkboxradio 8.x-1.3
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Fedora 37
Debian Debian Linux 10.0
1 Github repository
7.5
CVSSv2
CVE-2018-9207
Arbitrary file upload in jQuery Upload File <= 4.0.2
Hayageek Jquery Upload File
1 Github repository
4.3
CVSSv2
CVE-2021-34663
The jQuery Tagline Rotator WordPress plugin is vulnerable to Reflected Cross-Site Scripting due to the use of $_SERVER['PHP_SELF'] in the ~/jquery-tagline-rotator.php file which allows malicious users to inject arbitrary web scripts, in versions up to and including 0.1....
Arvtard Jquery Tagline Rotator
6.5
CVSSv2
CVE-2021-20087
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') in jquery-deparam 0.5.1 allows a malicious user to inject properties into Object.prototype.
Acemetrix Jquery-deparam 0.5.1
NA
CVE-2023-5430
The Jquery news ticker plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 3.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it...
Gopiplus Jquery News Ticker
NA
CVE-2023-5432
The Jquery news ticker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'jquery-news-ticker' shortcode in versions up to, and including, 3.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possib...
Gopiplus Jquery News Ticker
NA
CVE-2023-5464
The Jquery accordion slideshow plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 8.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This ...
Gopiplus Jquery Accordion Slideshow
5
CVSSv2
CVE-2021-21252
The jQuery Validation Plugin provides drop-in validation for your existing forms. It is published as an npm package "jquery-validation". jquery-validation before version 1.19.3 contains one or more regular expressions that are vulnerable to ReDoS (Regular Expression Den...
Jqueryvalidation Jquery Validation
Netapp Snapcenter -
7.5
CVSSv2
CVE-2018-9208
Unauthenticated arbitrary file upload vulnerability in jQuery Picture Cut <= v1.1Beta
Tuyoshi Jquery Picture Cut 1.1
1 Github repository