18240 matches found
WordPress Easy Forms for Mailchimp Plugin < 6.8.9 - Cross-Site Scripting
The Easy Forms for Mailchimp plugin before version 6.8.9 contains a reflected cross-site scripting vulnerability. The plugin does not properly sanitize and escape the sqlerror parameter before outputting it back in the page when the debug option is enabled, which could allow attackers to execute...
WordPress Order Listener for WooCommerce <3.2.2 - SQL Injection
WordPress Order Listener for WooCommerce plugin before 3.2.2 contains a SQL injection vulnerability. The plugin does not sanitize and escape the id parameter before using it in a SQL statement via a REST route. An attacker can possibly obtain sensitive information, modify data, and/or execute...
ZEROF Web Server 2.0 - Cross-Site Scripting
ZEROF Web Server 2.0 allows /admin.back cross-site scripting. id: CVE-2022-25323 info: name: ZEROF Web Server 2.0 - Cross-Site Scripting author: pikpikcu severity: medium description: ZEROF Web Server 2.0 allows /admin.back cross-site scripting. impact: | Successful exploitation of this...
Jenkins build-metrics 1.3 - Cross-Site Scripting
Jenkins build-metrics 1.3 is vulnerable to a reflected cross-site scripting vulnerability that allows attackers to inject arbitrary HTML and JavaScript into the web pages the plugin provides. id: CVE-2019-10475 info: name: Jenkins build-metrics 1.3 - Cross-Site Scripting author: madrobot severity...
WordPress W3 Total Cache <2.1.4 - Cross-Site Scripting
WordPress W3 Total Cache plugin before 2.1.4 is susceptible to cross-site scripting within the extension parameter in the Extensions dashboard, which is output in an attribute without being escaped first. This can allow an attacker to convince an authenticated admin into clicking a link to run...
DomainMOD 4.13.0 - Cross-Site Scripting
DomainMOD 4.13.0 is vulnerable to cross-site scripting via reporting/domains/cost-by-owner.php in the "or Expiring Between" parameter. id: CVE-2020-20988 info: name: DomainMOD 4.13.0 - Cross-Site Scripting author: arafatansari severity: medium description: | DomainMOD 4.13.0 is vulnerable to...
Schools Alert Management Script - Arbitrary File Read
Schools Alert Management Script is susceptible to an arbitrary file read vulnerability via the f parameter in img.php, aka absolute path traversal. id: CVE-2018-12054 info: name: Schools Alert Management Script - Arbitrary File Read author: wisnupramoedya severity: high description: Schools Alert...
CVE-2026-56675
creationtimestamp| type| source ---|---|--- 2026-07-10 23:11:50+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqdbiszh4227 2026-07-10 23:42:29+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqdd7lsx7p2s...
CVE-2026-39903
creationtimestamp| type| source ---|---|--- 2026-07-10 22:50:46+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqdad5ewbv2y 2026-07-11 00:18:14+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqdf7jzsx32y...
CVE-2025-42009
creationtimestamp| type| source ---|---|--- 2026-07-10 20:15:07+00:00| seen| https://cyber.gc.ca/en/alerts-advisories/vulnerability-impacting-roundcube-webmail-cve-2025-49113...
CVE-2026-54072
creationtimestamp| type| source ---|---|--- 2026-07-10 20:14:05+00:00| seen| https://bsky.app/profile/stackflag.bsky.social/post/3mqcxkxuefn2w...
CVE-2026-61434
creationtimestamp| type| source ---|---|--- 2026-07-10 16:10:29+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mqcjxeiech2k 2026-07-10 20:19:37+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqcxuudb3h2a 2026-07-10 23:30:34+00:00| seen|...
CVE-2026-40005
creationtimestamp| type| source ---|---|--- 2026-07-10 12:15:40+00:00| seen| https://www.incibe.es/incibe-cert/alerta-temprana/vulnerabilidades/cve-2026-40005 2026-07-10 13:12:36+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3mqc7zcfut62u 2026-07-10 17:46:05+00:00| seen|...
CVE-2026-15270
creationtimestamp| type| source ---|---|--- 2026-07-10 00:15:12+00:00| seen| https://www.incibe.es/incibe-cert/alerta-temprana/vulnerabilidades/cve-2026-15270...
CVE-2026-0275
creationtimestamp| type| source ---|---|--- 2026-07-10 00:15:09+00:00| seen| https://www.incibe.es/incibe-cert/alerta-temprana/vulnerabilidades/cve-2026-0275...
CVE-2026-6910
creationtimestamp| type| source ---|---|--- 2026-07-09 23:09:21+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqaqvh3tlj2a 2026-07-09 23:09:24+00:00| seen| https://bsky.app/profile/qiancx.bsky.social/post/3mqaqvitzmm2k...
CVE-2026-49274
creationtimestamp| type| source ---|---|--- 2026-07-09 19:57:06+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mqag5munyo2x...
CVE-2026-59826
creationtimestamp| type| source ---|---|--- 2026-07-09 18:28:04+00:00| seen| https://bsky.app/profile/stackflag.bsky.social/post/3mqab6hpfet2r 2026-07-09 18:43:01+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mqabz6y7ax27...
CVE-2026-9235
creationtimestamp| type| source ---|---|--- 2026-07-09 12:12:43+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mq7m7bwwnx2i...
CVE-2026-47826
creationtimestamp| type| source ---|---|--- 2026-07-09 08:17:12+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mq7725o5kx2x 2026-07-09 17:01:42+00:00| seen| https://bsky.app/profile/hugovalters.bsky.social/post/3mqa4dzxgrg2n 2026-07-09 17:22:30+00:00| seen|...