Skip to main content
CVE-2013-4954 LOW POC Monitor

Multiple cross-site scripting (XSS) vulnerabilities in wp-login.php in the Genetech Solutions Pie-Register plugin before 1.31 for WordPress, when "Allow New Registrations to set their own Password". Rated low severity (CVSS 2.6), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

WordPress PHP XSS Pie Register
NVD Exploit-DB
CVSS 2.0
2.6
EPSS
8.4%
CVE-2013-4944 LOW Monitor

Cross-site scripting (XSS) vulnerability in the BuddyPress Extended Friendship Request plugin before 1.0.2 for WordPress, when the "Friend Connections" component is enabled, allows remote attackers. Rated low severity (CVSS 2.6), this vulnerability is remotely exploitable. No vendor patch available.

WordPress PHP XSS Buddypress Extended Frienship Request
NVD
CVSS 2.0
2.6
EPSS
0.3%
CVE-2013-4140 LOW PATCH Monitor

Cross-site scripting (XSS) vulnerability in the TinyBox (Simple Splash) module before 7.x-2.2 for Drupal allows remote authenticated users with the "administer tinybox" permission to inject arbitrary. Rated low severity (CVSS 2.1), this vulnerability is remotely exploitable.

XSS Tinybox
NVD
CVSS 2.0
2.1
EPSS
0.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy