Approved changes feed: RSS · Atom

cpe:2.3:a:powie:whois_domain_check:*:*:*:*:*:*:*:*

part: a version: * update: *

VendorPowie (4964ef30-0578-50c8-b814-c45032ece7b0)
ProductWhois Domain Check (cb5bfa03-756c-5518-ac53-34bb022ae55e)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from gcve-enriched-dumps CVE data

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2020-37225 vulnerable 2026-06-08 05:25:50.357670 Powie's WHOIS Domain Check 0.9.31 Persistent Cross-Site Scripting
MEDIUM (6.4)
Powie's WHOIS Domain Check 0.9.31 contains a persistent cross-site scripting vulnerability that allows authenticated attackers to inject arbitrary JavaScript by exploiting unsanitized input fields in plugin settings. Attackers can submit malicious payloads through textarea and input elements in the pwhois_settings.php configuration page to execute JavaScript in the admin context and escalate privileges.
Published: 2026-05-13T14:22:35.764Z
Updated: 2026-05-24T01:36:55.519Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.