CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-38781 – WordPress CopySafe Web Protection plugin <= 3.15 - Reflected Cross Site Scripting (XSS) vulnerability
https://notcve.org/view.php?id=CVE-2024-38781
19 Jul 2024 — Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in ArtistScope CopySafe Web Protection allows Reflected XSS.This issue affects CopySafe Web Protection: from n/a through 3.15. La vulnerabilidad de neutralización incorrecta de la entrada durante la generación de páginas web (XSS o 'Cross-site Scripting') en ArtistScope CopySafe Web Protection permite XSS reflejado. Este problema afecta a CopySafe Web Protection: desde n/a hasta 3.15. The CopySafe Web P... • https://patchstack.com/database/vulnerability/wp-copysafe-web/wordpress-copysafe-web-protection-plugin-3-15-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-49000
https://notcve.org/view.php?id=CVE-2023-49000
27 Dec 2023 — An issue in ArtistScope ArtisBrowser v.34.1.5 and before allows an attacker to bypass intended access restrictions via interaction with the com.artis.browser.IntentReceiverActivity component. Un problema en ArtistScope ArtisBrowser v.34.1.5 y anteriores permite a un atacante omitir las restricciones de acceso previstas mediante la interacción con el componente com.artis.browser.IntentReceiverActivity. An issue in ArtistScope ArtisBrowser v.34.1.5 and before allows an attacker to bypass intended access restr... • https://github.com/actuator/com.artis.browser/blob/main/CWE-94.md • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2023-29098 – WordPress CopySafe Web Protection Plugin <= 3.13 is vulnerable to Cross Site Scripting (XSS)
https://notcve.org/view.php?id=CVE-2023-29098
03 Apr 2023 — Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in ArtistScope CopySafe Web Protection plugin <= 3.13 versions. The CopySafe Web Protection plugin for WordPress is vulnerable to Stored Cross-Site Scripting via file uploads in versions up to, and including, 3.13 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Unauth. • https://patchstack.com/database/vulnerability/wp-copysafe-web/wordpress-copysafe-web-protection-plugin-3-13-cross-site-scripting-xss-vulnerability?_s_id=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2017-8100 – CopySafe Web Protection < 2.6 - Cross-Site Request Forgery
https://notcve.org/view.php?id=CVE-2017-8100
07 Apr 2017 — There is CSRF in the CopySafe Web Protection plugin before 2.6 for WordPress, allowing attackers to change plugin settings. Hay CSRF en el plugin CopySafe Web Protection en versiones anteriores a 2.6 para WordPress, permitiendo a los atacantes cambiar la configuración del plugin. • http://seclists.org/fulldisclosure/2017/Apr/42 • CWE-352: Cross-Site Request Forgery (CSRF) •