Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
0xb9 vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2023-27890
The Export User plugin up to and including 2.0 for MyBB allows XSS during the process of an admin generating DSGVO data for a user, via the Custom User Title, Location, or Bio field. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
Export User Project Export User
6.1
CVSSv3
CVE-2019-6979
An issue exists in the User IP History Logs (aka IP_History_Logs) plugin 1.0.2 for MyBB. There is XSS via the admin/modules/tools/ip_history_logs.php useragent field.
Ip History Logs Project Ip History Logs 1.0.2
1 EDB exploit
6.5
CVSSv3
CVE-2018-17996
LayerBB prior to 1.1.3 allows CSRF for adding a user via admin/new_user.php, deleting a user via admin/members.php/delete_user/, and deleting content via mod/delete.php/.
Layerbb Layerbb 1.1.2
1 EDB exploit
NA
CVE-2018-179971
LayerBB version 1.1.1 suffers from a cross site scripting vulnerability.
8.8
CVSSv3
CVE-2019-16531
LayerBB prior to 1.1.4 has multiple CSRF issues, as demonstrated by changing the System Settings via admin/general.php.
Layerbb Layerbb
1 EDB exploit
1 Github repository
NA
CVE-2019-165311
LayerBB version 1.1.3 suffers from a cross site request forgery vulnerability.
NA
CVE-2021-241741
WordPress Database Backups plugin version 1.2.2.6 suffers from a cross site request forgery vulnerability in the databased backup download functionality.
NA
CVE-2021-242471
WordPress Contact Form Check Tester plugin version 1.0.2 suffers from broken access control and cross site scripting vulnerabilities.
NA
CVE-2021-242721
WordPress Fitness Calculators plugin version 1.9.5 suffers from a cross site request forgery vulnerability.
NA
CVE-2021-242741
WordPress Ultimate Maps plugin version 1.2.4 suffers from a cross site scripting vulnerability.
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »