TinyMCE Cross-Site Scripting (XSS) vulnerability using noneditable_regexp option
Impact A cross-site scripting (XSS) vulnerability was discovered in TinyMCE’s content extraction code. When using the noneditable_regexp option, specially crafted HTML attributes containing malicious code were able to be executed when content was extracted from the editor. Patches This...
6.1CVSS
6.5AI Score
0.0004EPSS
TinyMCE Cross-Site Scripting (XSS) vulnerability using noscript elements
Impact A cross-site scripting (XSS) vulnerability was discovered in TinyMCE’s content parsing code. This allowed specially crafted noscript elements containing malicious code to be executed when that content was loaded into the editor. Patches This vulnerability has been patched in TinyMCE 7.2.0,.....
6.1CVSS
6.8AI Score
0.0004EPSS
TinyMCE Cross-Site Scripting (XSS) vulnerability using noscript elements
Impact A cross-site scripting (XSS) vulnerability was discovered in TinyMCE’s content parsing code. This allowed specially crafted noscript elements containing malicious code to be executed when that content was loaded into the editor. Patches This vulnerability has been patched in TinyMCE 7.2.0,.....
6.1CVSS
6.5AI Score
0.0004EPSS
socket.io has an unhandled 'error' event
Impact A specially crafted Socket.IO packet can trigger an uncaught exception on the Socket.IO server, thus killing the Node.js process. ``` node:events:502 throw err; // Unhandled 'error' event ^ Error [ERR_UNHANDLED_ERROR]: Unhandled error. (undefined) at new NodeError...
7.3CVSS
6.7AI Score
0.0004EPSS
socket.io has an unhandled 'error' event
Impact A specially crafted Socket.IO packet can trigger an uncaught exception on the Socket.IO server, thus killing the Node.js process. ``` node:events:502 throw err; // Unhandled 'error' event ^ Error [ERR_UNHANDLED_ERROR]: Unhandled error. (undefined) at new NodeError...
7.3CVSS
6.5AI Score
0.0004EPSS
CVE-2021-47612 nfc: fix segfault in nfc_genl_dump_devices_done
In the Linux kernel, the following vulnerability has been resolved: nfc: fix segfault in nfc_genl_dump_devices_done When kmalloc in nfc_genl_dump_devices() fails then nfc_genl_dump_devices_done() segfaults as below KASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f] CPU: 0 PID:.....
0.0004EPSS
CVE-2021-47612 nfc: fix segfault in nfc_genl_dump_devices_done
In the Linux kernel, the following vulnerability has been resolved: nfc: fix segfault in nfc_genl_dump_devices_done When kmalloc in nfc_genl_dump_devices() fails then nfc_genl_dump_devices_done() segfaults as below KASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f] CPU: 0 PID:.....
6.7AI Score
0.0004EPSS
Missing Authorization vulnerability in ThemePunch OHG Slider Revolution. This issue affects Slider Revolution: from n/a before...
7.1CVSS
6.9AI Score
0.0004EPSS
Missing Authorization vulnerability in ThemePunch OHG Slider Revolution. This issue affects Slider Revolution: from n/a before...
7.1CVSS
0.0004EPSS
CVE-2021-47592 net: stmmac: fix tc flower deletion for VLAN priority Rx steering
In the Linux kernel, the following vulnerability has been resolved: net: stmmac: fix tc flower deletion for VLAN priority Rx steering To replicate the issue:- 1) Add 1 flower filter for VLAN Priority based frame steering:- $ IFDEVNAME=eth0 $ tc qdisc add dev $IFDEVNAME ingress $ tc qdisc add dev...
6.5AI Score
0.0004EPSS
CVE-2021-47592 net: stmmac: fix tc flower deletion for VLAN priority Rx steering
In the Linux kernel, the following vulnerability has been resolved: net: stmmac: fix tc flower deletion for VLAN priority Rx steering To replicate the issue:- 1) Add 1 flower filter for VLAN Priority based frame steering:- $ IFDEVNAME=eth0 $ tc qdisc add dev $IFDEVNAME ingress $ tc qdisc add dev...
0.0004EPSS
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in ThemePunch OHG Slider Revolution allows Stored XSS. This issue affects Slider Revolution: from n/a before...
5.9CVSS
7AI Score
0.0004EPSS
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in ThemePunch OHG Slider Revolution allows Stored XSS. This issue affects Slider Revolution: from n/a before...
5.9CVSS
0.0004EPSS
CVE-2023-25697 WordPress GamiPress plugin <= 2.5.6 - CSRF Leading to Settings Change Vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in GamiPress. This issue affects GamiPress: from n/a through...
5.4CVSS
0.0004EPSS
CVE-2023-25697 WordPress GamiPress plugin <= 2.5.6 - CSRF Leading to Settings Change Vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in GamiPress. This issue affects GamiPress: from n/a through...
5.4CVSS
7AI Score
0.0004EPSS
CVE-2022-45832 WordPress Attorney theme <= 3 - Unauth. Arbitrary Content Deletion vulnerability
Missing Authorization vulnerability in Hennessey Digital Attorney. This issue affects Attorney: from n/a through...
6.5CVSS
0.0004EPSS
CVE-2023-39312 WordPress Avada theme <= 7.11.1 - Auth. Unrestricted Zip Extraction vulnerability
Missing Authorization vulnerability in ThemeFusion Avada. This issue affects Avada: from n/a through...
9.1CVSS
6.9AI Score
0.0004EPSS
CVE-2023-39312 WordPress Avada theme <= 7.11.1 - Auth. Unrestricted Zip Extraction vulnerability
Missing Authorization vulnerability in ThemeFusion Avada. This issue affects Avada: from n/a through...
9.1CVSS
0.0004EPSS
Missing Authorization vulnerability in ThimPress LearnPress. This issue affects LearnPress: from n/a through...
7.3CVSS
7AI Score
0.0004EPSS
Missing Authorization vulnerability in ThimPress LearnPress. This issue affects LearnPress: from n/a through...
7.3CVSS
0.0004EPSS
Missing Authorization vulnerability in ThimPress LearnPress. This issue affects LearnPress: from n/a through...
7.6CVSS
7AI Score
0.0004EPSS
Missing Authorization vulnerability in ThimPress LearnPress. This issue affects LearnPress: from n/a through...
7.6CVSS
0.0004EPSS
Missing Authorization vulnerability in Saturday Drive Ninja Forms. This issue affects Ninja Forms: from n/a through...
7.6CVSS
6.9AI Score
0.0004EPSS
Missing Authorization vulnerability in Saturday Drive Ninja Forms. This issue affects Ninja Forms: from n/a through...
7.6CVSS
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Fix a race between readers and resize checks The reader code in rb_get_reader_page() swaps a new reader page into the ring buffer by doing cmpxchg on old->list.prev->next to point it to the new page. Following th...
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Fix a race between readers and resize checks The reader code in rb_get_reader_page() swaps a new reader page into the ring buffer by doing cmpxchg on old->list.prev->next to point it to the new page. Following th...
6.4AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Fix a race between readers and resize checks The reader code in rb_get_reader_page() swaps a new reader page into the ring buffer by doing cmpxchg on old->list.prev->next to point it to the new page. Following th...
6.9AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix out-of-bound access of qmi_invoke_handler() Currently, there is no terminator entry for ath12k_qmi_msg_handlers hence facing below KASAN warning,...
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix out-of-bound access of qmi_invoke_handler() Currently, there is no terminator entry for ath12k_qmi_msg_handlers hence facing below KASAN warning,...
6.5AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix out-of-bound access of qmi_invoke_handler() Currently, there is no terminator entry for ath12k_qmi_msg_handlers hence facing below KASAN warning, ...
7AI Score
0.0004EPSS
Missing Authorization vulnerability in ThemeFusion Fusion Builder. This issue affects Fusion Builder: from n/a through...
5.4CVSS
0.0004EPSS
Missing Authorization vulnerability in ThemeFusion Fusion Builder. This issue affects Fusion Builder: from n/a through...
5.4CVSS
5.6AI Score
0.0004EPSS
Missing Authorization vulnerability in WP SCHEMA PRO Schema Pro. This issue affects Schema Pro: from n/a through...
6.5CVSS
6.5AI Score
0.0004EPSS
Missing Authorization vulnerability in Premium Addons Premium Addons PRO. This issue affects Premium Addons PRO: from n/a through...
6.5CVSS
6.5AI Score
0.0004EPSS
Missing Authorization vulnerability in Brainstorm Force Convert Pro. This issue affects Convert Pro: from n/a through...
7.1CVSS
6.9AI Score
0.0004EPSS
Missing Authorization vulnerability in Premium Addons Premium Addons PRO. This issue affects Premium Addons PRO: from n/a through...
6.5CVSS
0.0004EPSS
Missing Authorization vulnerability in Brainstorm Force Convert Pro. This issue affects Convert Pro: from n/a through...
7.1CVSS
0.0004EPSS
Missing Authorization vulnerability in WP SCHEMA PRO Schema Pro. This issue affects Schema Pro: from n/a through...
6.5CVSS
0.0004EPSS
Missing Authorization vulnerability in Woo WooCommerce Ship to Multiple Addresses. This issue affects WooCommerce Ship to Multiple Addresses: from n/a through...
6.5CVSS
0.0004EPSS
Missing Authorization vulnerability in Woo WooCommerce Ship to Multiple Addresses. This issue affects WooCommerce Ship to Multiple Addresses: from n/a through...
6.5CVSS
6.5AI Score
0.0004EPSS
Missing Authorization vulnerability in Brainstorm Force Spectra. This issue affects Spectra: from n/a through...
5.4CVSS
0.0004EPSS
Missing Authorization vulnerability in Brainstorm Force Spectra. This issue affects Spectra: from n/a through...
5.4CVSS
5.5AI Score
0.0004EPSS
Missing Authorization vulnerability in Artbees JupiterX Core. This issue affects JupiterX Core: from 3.0.0 through...
5.4CVSS
7AI Score
0.0004EPSS
Missing Authorization vulnerability in Artbees JupiterX Core. This issue affects JupiterX Core: from 3.0.0 through...
5.4CVSS
0.0004EPSS
Missing Authorization vulnerability in ThemeFusion Fusion Builder. This issue affects Fusion Builder: from n/a through...
5.4CVSS
7AI Score
0.0004EPSS
Missing Authorization vulnerability in ThemeFusion Fusion Builder. This issue affects Fusion Builder: from n/a through...
5.4CVSS
0.0004EPSS
CVE-2023-36676 WordPress Spectra plugin <= 2.6.6 - Broken Access Control vulnerability
Missing Authorization vulnerability in Brainstorm Force Spectra. This issue affects Spectra: from n/a through...
5.4CVSS
0.0004EPSS
CVE-2023-36676 WordPress Spectra plugin <= 2.6.6 - Broken Access Control vulnerability
Missing Authorization vulnerability in Brainstorm Force Spectra. This issue affects Spectra: from n/a through...
5.4CVSS
7AI Score
0.0004EPSS
CVE-2023-36683 WordPress Schema Pro plugin <= 2.7.8 - Broken Access Control vulnerability
Missing Authorization vulnerability in WP SCHEMA PRO Schema Pro. This issue affects Schema Pro: from n/a through...
6.5CVSS
7AI Score
0.0004EPSS
CVE-2023-36683 WordPress Schema Pro plugin <= 2.7.8 - Broken Access Control vulnerability
Missing Authorization vulnerability in WP SCHEMA PRO Schema Pro. This issue affects Schema Pro: from n/a through...
6.5CVSS
0.0004EPSS