CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2020-9003 – Modula Image Gallery <= 2.2.4 - Authenticated Stored Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2020-9003
19 Feb 2020 — A stored XSS vulnerability exists in the Modula Image Gallery plugin before 2.2.5 for WordPress. Successful exploitation of this vulnerability would allow an authenticated low-privileged user to inject arbitrary JavaScript code that is viewed by other users. Se presenta una vulnerabilidad de tipo XSS almacenado en el plugin Modula Image Gallery versiones anteriores a 2.2.5 para WordPress. Una explotación con éxito de esta vulnerabilidad permitiría a un usuario poco privilegiado autenticado inyectar código J... • https://fortiguard.com/zeroday/FG-VD-20-041 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 4CVE-2020-8549 – Strong Testimonials <= 2.40.0 - Stored Cross Site Scripting
https://notcve.org/view.php?id=CVE-2020-8549
01 Feb 2020 — Stored XSS in the Strong Testimonials plugin before 2.40.1 for WordPress can result in an attacker performing malicious actions such as stealing session tokens. Una vulnerabilidad de tipo XSS almacenado en el plugin Strong Testimonials versiones anteriores a 2.40.1 para WordPress, puede resultar en que un atacante lleve a cabo acciones maliciosas como robar tokens de sesión. WordPress Strong Testimonials plugin version 2.40.1 suffers from a persistent cross site scripting vulnerability. • https://packetstorm.news/files/id/156369 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •