cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2023-1110,https://securityvulnerability.io/vulnerability/CVE-2023-1110,Yellow Yard < 2.8.12 - Contributor+ Stored XSS,"The Yellow Yard Searchbar WordPress plugin before 2.8.12 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks",Wordpress,Yellow Yard Searchbar,5.4,MEDIUM,0.0005200000014156103,false,,false,false,false,,false,false,2023-08-16T12:15:00.000Z,0
CVE-2022-2094,https://securityvulnerability.io/vulnerability/CVE-2022-2094,Yellow Yard Searchbar < 2.8.2 - Reflected Cross-Site Scripting,"The Yellow Yard Searchbar WordPress plugin before 2.8.2 does not escape some URL parameters before outputting them back to the user, leading to Reflected Cross-Site Scripting",Wordpress,Yellow Yard Searchbar,6.1,MEDIUM,0.0007600000244565308,false,,false,false,false,,false,false,2023-02-08T09:27:51.906Z,0