Ari-soft : Security Vulnerabilities, CVEs, CVSS score >= 4

CVE-2023-52182

Deserialization of Untrusted Data vulnerability in ARI Soft ARI Stream Quiz – WordPress Quizzes Builder.This issue affects ARI Stream Quiz – WordPress Quizzes Builder: from n/a through 1.3.0.
Max CVSS
9.9
EPSS Score
0.05%
Published
2023-12-31
Updated
2024-01-05

CVE-2023-47835

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ARI Soft ARI Stream Quiz – WordPress Quizzes Builder plugin <= 1.2.32 versions.
Max CVSS
6.5
EPSS Score
0.05%
Published
2023-11-23
Updated
2023-11-28

CVE-2022-0161

The ARI Fancy Lightbox WordPress plugin before 1.3.9 does not sanitise and escape the msg parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting
Max CVSS
6.1
EPSS Score
0.07%
Published
2022-03-14
Updated
2022-03-23

CVE-2024-0239

The Contact Form 7 Connector WordPress plugin before 1.2.3 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against administrators.
Max CVSS
6.1
EPSS Score
0.05%
Published
2024-01-16
Updated
2024-01-23

CVE-2020-19156

Cross Site Scripting (XSS) in Ari Adminer v1 allows remote attackers to execute arbitrary code via the 'Title' parameter of the 'Add New Connections' component when the 'save()' function is called.
Max CVSS
5.4
EPSS Score
0.07%
Published
2021-09-15
Updated
2021-09-22
5 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close