Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
verbb vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2020-13870
An issue exists in the Comments plugin prior to 1.5.5 for Craft CMS. There is stored XSS via an asset volume name.
Verbb Comments
6.5
CVSSv3
CVE-2020-13868
An issue exists in the Comments plugin prior to 1.5.5 for Craft CMS. CSRF affects comment integrity.
Verbb Comments
5.4
CVSSv3
CVE-2020-13869
An issue exists in the Comments plugin prior to 1.5.6 for Craft CMS. There is stored XSS via a guest name.
Verbb Comments
5.4
CVSSv3
CVE-2020-13459
An issue exists in the Image Resizer plugin prior to 2.0.9 for Craft CMS. There is stored XSS in the Bulk Resize action.
Verbb Image Resizer
9.1
CVSSv3
CVE-2020-13485
The Knock Knock plugin prior to 1.2.8 for Craft CMS allows IP Whitelist bypass via an X-Forwarded-For HTTP header.
Verbb Knock Knock
8.8
CVSSv3
CVE-2020-13458
An issue exists in the Image Resizer plugin prior to 2.0.9 for Craft CMS. There are CSRF issues with the log-clear controller action.
Verbb Image Resizer
6.1
CVSSv3
CVE-2020-13486
The Knock Knock plugin prior to 1.2.8 for Craft CMS allows malicious redirection.
Verbb Knock Knock
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
deserialization
CVE-2024-4040
cross-site scripting
CVE-2023-25790
CVE-2024-2961
XML external entity
CVE-2024-26926
CVE-2024-32806
CVE-2024-32711
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started