| CVE/PSC | Application | Date | Affected versions | Description | Details |
|---|---|---|---|---|---|
| Actual on: Feb 11, 2025, 01:02:26 | Entries count: 6 | ||||
|
vulnerable
|
Oct 28, 2024, 12:10:59 |
Min -
Max 2.7.2
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Kevon Adonis WP Abstracts allows Stored XSS.This issue affects WP Abstracts: from n/a through 2.7.1. | ||
|
vulnerable
|
Jan 20, 2025, 01:01:20 |
Min -
Max 2.7.3
|
The WP Abstracts plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.7.2. This is due to missing nonce validation on the wpabstracts_load_status() and wpabstracts_delete_abstracts() functions. This makes it possible for unauthenticated attackers to inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | ||
|
vulnerable
|
Sep 26, 2024, 16:09:50 |
Min -
Max 2.7.0
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Kevon Adonis WP Abstracts allows Stored XSS.This issue affects WP Abstracts: from n/a through 2.6.5. | ||
|
vulnerable
|
Jun 07, 2024, 01:06:53 |
Min -
Max 2.6.2
|
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Kevon Adonis WP Abstracts plugin <= 2.6.2 versions. | ||
|
vulnerable
|
Jun 07, 2024, 01:06:53 |
Min -
Max 2.6.3
|
Cross-Site Request Forgery (CSRF) vulnerability in Kevon Adonis WP Abstracts plugin <= 2.6.2 versions. | ||
|
vulnerable
|
Jun 07, 2024, 01:06:53 |
Min -
Max 2.6.3
|
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Kevon Adonis WP Abstracts plugin <= 2.6.3 versions. | ||