18213 matches found
WordPress W3 Total Cache <2.1.4 - Cross-Site Scripting
WordPress W3 Total Cache plugin before 2.1.4 is susceptible to cross-site scripting within the extension parameter in the Extensions dashboard, which is output in an attribute without being escaped first. This can allow an attacker to convince an authenticated admin into clicking a link to run...
WordPress Easy Forms for Mailchimp Plugin < 6.8.9 - Cross-Site Scripting
The Easy Forms for Mailchimp plugin before version 6.8.9 contains a reflected cross-site scripting vulnerability. The plugin does not properly sanitize and escape the sqlerror parameter before outputting it back in the page when the debug option is enabled, which could allow attackers to execute...
WordPress Order Listener for WooCommerce <3.2.2 - SQL Injection
WordPress Order Listener for WooCommerce plugin before 3.2.2 contains a SQL injection vulnerability. The plugin does not sanitize and escape the id parameter before using it in a SQL statement via a REST route. An attacker can possibly obtain sensitive information, modify data, and/or execute...
ZEROF Web Server 2.0 - Cross-Site Scripting
ZEROF Web Server 2.0 allows /admin.back cross-site scripting. id: CVE-2022-25323 info: name: ZEROF Web Server 2.0 - Cross-Site Scripting author: pikpikcu severity: medium description: ZEROF Web Server 2.0 allows /admin.back cross-site scripting. impact: | Successful exploitation of this...
DomainMOD 4.13.0 - Cross-Site Scripting
DomainMOD 4.13.0 is vulnerable to cross-site scripting via reporting/domains/cost-by-owner.php in the "or Expiring Between" parameter. id: CVE-2020-20988 info: name: DomainMOD 4.13.0 - Cross-Site Scripting author: arafatansari severity: medium description: | DomainMOD 4.13.0 is vulnerable to...
Schools Alert Management Script - Arbitrary File Read
Schools Alert Management Script is susceptible to an arbitrary file read vulnerability via the f parameter in img.php, aka absolute path traversal. id: CVE-2018-12054 info: name: Schools Alert Management Script - Arbitrary File Read author: wisnupramoedya severity: high description: Schools Alert...
CVE-2026-59826
creationtimestamp| type| source ---|---|--- 2026-07-09 18:28:04+00:00| seen| https://bsky.app/profile/stackflag.bsky.social/post/3mqab6hpfet2r 2026-07-09 18:43:01+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mqabz6y7ax27...
CVE-2026-47826
creationtimestamp| type| source ---|---|--- 2026-07-09 08:17:12+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mq7725o5kx2x 2026-07-09 17:01:42+00:00| seen| https://bsky.app/profile/hugovalters.bsky.social/post/3mqa4dzxgrg2n 2026-07-09 17:22:30+00:00| seen|...
CVE-2026-59819
creationtimestamp| type| source ---|---|--- 2026-07-09 00:15:21+00:00| seen| https://www.incibe.es/incibe-cert/alerta-temprana/vulnerabilidades/cve-2026-59819...
CVE-2026-59821
creationtimestamp| type| source ---|---|--- 2026-07-09 00:15:19+00:00| seen| https://www.incibe.es/incibe-cert/alerta-temprana/vulnerabilidades/cve-2026-59821...
CVE-2026-59820
creationtimestamp| type| source ---|---|--- 2026-07-09 00:15:16+00:00| seen| https://www.incibe.es/incibe-cert/alerta-temprana/vulnerabilidades/cve-2026-59820...
CVE-2026-59804
creationtimestamp| type| source ---|---|--- 2026-07-09 00:15:12+00:00| seen| https://www.incibe.es/incibe-cert/alerta-temprana/vulnerabilidades/cve-2026-59804...
CVE-2026-59805
creationtimestamp| type| source ---|---|--- 2026-07-09 00:15:09+00:00| seen| https://www.incibe.es/incibe-cert/alerta-temprana/vulnerabilidades/cve-2026-59805...
CVE-2026-59806
creationtimestamp| type| source ---|---|--- 2026-07-09 00:15:07+00:00| seen| https://www.incibe.es/incibe-cert/alerta-temprana/vulnerabilidades/cve-2026-59806...
CVE-2026-37270
creationtimestamp| type| source ---|---|--- 2026-07-08 00:49:23+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mq3vkidjom2i 2026-07-09 17:24:04+00:00| seen| https://bsky.app/profile/stackflag.bsky.social/post/3mqa5m23jlp2q...
CVE-2026-53729
creationtimestamp| type| source ---|---|--- 2026-07-07 23:22:37+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mq3qpdpbgf2l...
Jenkins build-metrics 1.3 - Cross-Site Scripting
Jenkins build-metrics 1.3 is vulnerable to a reflected cross-site scripting vulnerability that allows attackers to inject arbitrary HTML and JavaScript into the web pages the plugin provides. id: CVE-2019-10475 info: name: Jenkins build-metrics 1.3 - Cross-Site Scripting author: madrobot severity...
GHSA-JV8R-GQR9-68WJ
creationtimestamp| type| source ---|---|--- 2026-07-06 19:19:40+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3mpysnxoqkx22 2026-07-07 00:01:32+00:00| seen| https://bsky.app/profile/slackers.it/post/3mpzcfyt62f2d...
Important: Red Hat Security Advisory: Red Hat OpenShift GitOps v1.21.1 security update
Important: Red Hat OpenShift GitOps v1.21.1 security update An update is now available for Red Hat OpenShift GitOps. Bug Fixes and Enhancements: GITOPS-10083 RC 1.21.0-7: Missing permission for web-based terminal in Argocd UI GITOPS-10178 OpenShift GitOps operator v1.21.0 breaks Redis-HA...
CVE-2024-28996
creationtimestamp| type| source ---|---|--- 2026-07-06 12:00:06+00:00| seen| https://t.me/ZerodayAlert/249 2026-07-07 00:00:11+00:00| seen| https://t.me/ZerodayAlert/249...