Filtered by vendor Ari-soft
Subscriptions
Total
5 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-19156 | 1 Ari-soft | 1 Ari Adminer | 2024-08-04 | 5.4 Medium |
| Cross Site Scripting (XSS) in Ari Adminer v1 allows remote attackers to execute arbitrary code via the 'Title' parameter of the 'Add New Connections' component when the 'save()' function is called. | ||||
| CVE-2022-0161 | 1 Ari-soft | 1 Ari Fancy Lightbox | 2024-08-02 | 6.1 Medium |
| The ARI Fancy Lightbox WordPress plugin before 1.3.9 does not sanitise and escape the msg parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting | ||||
| CVE-2023-52182 | 1 Ari-soft | 1 Ari Stream Quiz | 2024-08-02 | 9.9 Critical |
| Deserialization of Untrusted Data vulnerability in ARI Soft ARI Stream Quiz – WordPress Quizzes Builder.This issue affects ARI Stream Quiz – WordPress Quizzes Builder: from n/a through 1.3.0. | ||||
| CVE-2023-47835 | 1 Ari-soft | 1 Ari Stream Quiz | 2024-08-02 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ARI Soft ARI Stream Quiz – WordPress Quizzes Builder plugin <= 1.2.32 versions. | ||||
| CVE-2024-0239 | 1 Ari-soft | 1 Contact Form 7 Connector | 2024-08-01 | 6.1 Medium |
| The Contact Form 7 Connector WordPress plugin before 1.2.3 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against administrators. | ||||
Page 1 of 1.