cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2022-0385,https://securityvulnerability.io/vulnerability/CVE-2022-0385,Crazy Bone <= 0.6.0 - Unauthenticated Stored XSS,"The Crazy Bone WordPress plugin through 0.6.0 does not sanitise and escape the username submitted via the login from when displaying them back in the log dashboard, leading to an unauthenticated Stored Cross-Site scripting",Wordpress,Crazy Bone,6.1,MEDIUM,0.0013200000394135714,false,,false,false,false,,,false,false,,2022-02-28T09:06:53.000Z,0
CVE-2015-9430,https://securityvulnerability.io/vulnerability/CVE-2015-9430,Cross-Site Scripting Vulnerability in Crazy-Bone Plugin for WordPress,"The Crazy-Bone plugin for WordPress, prior to version 0.6.0, contains a cross-site scripting (XSS) vulnerability that arises from insufficient input validation of the User-Agent HTTP header. This flaw could be exploited by an attacker to inject malicious scripts, potentially compromising the effectiveness of web security measures and allowing unauthorized access or data manipulation on affected WordPress sites.",Wordpress,Crazy Bone,6.1,MEDIUM,0.0016499999910593033,false,,false,false,false,,,false,false,,2019-09-26T00:53:56.000Z,0