Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ajax vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2022-2433
The WordPress Infinite Scroll – Ajax Load More plugin for WordPress is vulnerable to deserialization of untrusted input via the 'alm_repeaters_export' parameter in versions up to, and including 5.5.3. This makes it possible for unauthenticated users to call files ...
Connekthq Ajax Load More
6.1
CVSSv3
CVE-2017-20182
A vulnerability was found in Mobile Vikings Django AJAX Utilities up to 1.2.1 and classified as problematic. This issue affects the function Pagination of the file django_ajax/static/ajax-utilities/js/pagination.js of the component Backslash Handler. The manipulation of the argum...
Mobilevikings Django Ajax Utilities
5.4
CVSSv3
CVE-2023-50874
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Darren Cooney WordPress Infinite Scroll – Ajax Load More allows Stored XSS.This issue affects WordPress Infinite Scroll – Ajax Load More: from n/a up to and...
Connekthq Ajax Load More
8.8
CVSSv3
CVE-2023-34033
Cross-Site Request Forgery (CSRF) vulnerability in Malinky Ajax Pagination and Infinite Scroll plugin <= 2.0.1 versions.
Malinky Malinky-ajax-pagination
5.4
CVSSv3
CVE-2023-46069
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Osmansorkar Ajax Archive Calendar plugin <= 2.6.7 versions.
Osmansorkar Ajax Archive Calendar
NA
CVE-2007-4921
PHP remote file inclusion vulnerability in _includes/settings.inc.php in Ajax File Browser 3 Beta allows remote malicious users to execute arbitrary PHP code via a URL in the approot parameter.
Ajax File Browser 3 Beta
1 EDB exploit
NA
CVE-2006-3972
Directory traversal vulnerability in includes/operator_chattranscript.php in Scott Weedon Ajax Chat, possibly 0.1, allows remote malicious users to read arbitrary files via a .. (dot dot) in the chatid parameter.
Scott Weedon Ajax Chat 0.1
1 EDB exploit
3.7
CVSSv3
CVE-2023-5313
A vulnerability classified as problematic was found in phpkobo Ajax Poll Script 3.18. Affected by this vulnerability is an unknown functionality of the file ajax-poll.php of the component Poll Handler. The manipulation leads to improper enforcement of a single, unique action. The...
Phpkobo Ajax Poll Script 3.18
7.5
CVSSv3
CVE-2022-27849
Sensitive Information Disclosure (sac-export.csv) in Simple Ajax Chat (WordPress plugin) <= 20220115
Plugin-planet Simple Ajax Chat
6.1
CVSSv3
CVE-2022-25610
Unauthenticated Stored Cross-Site Scripting (XSS) in Simple Ajax Chat <= 20220115 allows an malicious user to store the malicious code. However, the attack requires specific conditions, making it hard to exploit.
Plugin-planet Simple Ajax Chat
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
CVE-2006-4304
wireless
CVE-2023-23022
local file inclusion
CVE-2024-27058
CVE-2024-33820
open redirect
CVE-2024-27079
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »