Lucene search
K

51 matches found

EUVD
EUVD
added 2025/12/30 12:32 a.m.7 views

EUVD-2025-205664

A weakness has been identified in code-projects Refugee Food Management System 1.0. This affects an unknown part of the file /home/editfood.php. This manipulation of the argument a/b/c/d causes sql injection. The attack may be initiated remotely. The exploit has been made available to the public...

6.5CVSS6.5AI score0.00309EPSS
Exploits1References8
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2017-9663

Malware in sbrugna...

8.8CVSS8.8AI score0.00649EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2016-1968

Malware in sbrugna...

6.5CVSS6.5AI score0.02195EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2016-1920

Malware in sbrugna...

10CVSS9.1AI score0.01649EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-38827

Malicious code in bioql PyPI...

7.5CVSS7.5AI score0.01102EPSS
Exploits0References3
CNVD
CNVD
added 2025/07/07 12:0 a.m.4 views

WordPress A/B Testing for WordPress plugin cross-site scripting vulnerability

WordPress A/B Testing for WordPress plugin is a plugin for A/B testing in WordPress websites, which is mainly used to help optimize website conversions by comparing the effects of different page elements such as titles, button colors, content, etc.. The WordPress A/B Testing for WordPress plugin...

6.4CVSS6.5AI score0.00182EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/06/29 8:24 a.m.9 views

CVE-2025-4587

The A/B Testing for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'ab-testing-for-wp/ab-test-block' block in all versions up to, and including, 1.18.2 due to insufficient input sanitization and output escaping on the 'id' parameter. This makes it...

6.4CVSS5.9AI score0.00182EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/06/27 11:18 a.m.9 views

WordPress A/B Testing for WordPress plugin <= 1.18.2 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Chuck in WordPress Plugin A/B Testing for WordPress versions = 1.18.2...

6.4CVSS5.5AI score0.00182EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/06/27 7:22 a.m.4 views

CVE-2025-4587 A/B Testing for WordPress <= 1.18.2 - Authenticated (Contributor+) Stored Cross-Site Scripting

The A/B Testing for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'ab-testing-for-wp/ab-test-block' block in all versions up to, and including, 1.18.2 due to insufficient input sanitization and output escaping on the 'id' parameter. This makes it...

6.4CVSS5.8AI score0.00182EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/06/27 7:22 a.m.11 views

CVE-2025-4587 A/B Testing for WordPress <= 1.18.2 - Authenticated (Contributor+) Stored Cross-Site Scripting

The A/B Testing for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'ab-testing-for-wp/ab-test-block' block in all versions up to, and including, 1.18.2 due to insufficient input sanitization and output escaping on the 'id' parameter. This makes it...

6.4CVSS0.00182EPSS
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/06/25 2:51 p.m.6 views

Malicious code in kwp-a-b-testing (npm)

The package communicates with a domain associated with malicious activity...

7AI score
Exploits0
OSV
OSV
added 2025/03/06 6:15 a.m.2 views

CVE-2024-13868

The URL Shortener | Conversion Tracking | AB Testing | WooCommerce WordPress plugin through 9.0.2 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

6.1CVSS7.3AI score0.00299EPSS
Exploits1References1
0day.today
0day.today
added 2025/02/18 12:0 a.m.253 views

WordPress A/B Image Optimizer 3.3 Plugin Arbitrary File Download Vulnerability

WordPress Plugin A/B Image Optimizer plugin versions 3.3 and below suffers from an arbitrary file download vulnerability. CVE-2025-25163 Plugin A/B Image Optimizer = 3.3 - Authenticated Subscriber+ Arbitrary File Download Description The Plugin A/B Image Optimizer plugin for WordPress is vulnerab...

9.8CVSS9.6AI score0.01966EPSS
Exploits4
RedhatCVE
RedhatCVE
added 2025/02/09 10:19 a.m.8 views

CVE-2025-25163

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Zach Swetz Plugin A/B Image Optimizer images-optimizer allows Path Traversal.This issue affects Plugin A/B Image Optimizer: from n/a through = 3.3...

9.8CVSS7.2AI score0.01966EPSS
Exploits4References1
NVD
NVD
added 2025/02/07 10:15 a.m.17 views

CVE-2025-25163

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Zach Swetz Plugin A/B Image Optimizer images-optimizer allows Path Traversal.This issue affects Plugin A/B Image Optimizer: from n/a through = 3.3...

9.8CVSS0.01966EPSS
Exploits4References1
CVE
CVE
added 2025/02/07 10:12 a.m.58 views

CVE-2025-25163

CVE-2025-25163 affects WordPress Plugin A/B Image Optimizer (versions up to 3.3). The vulnerability is a Path Traversal (improper limitation of a pathname to a restricted directory) that can enable an attacker to download arbitrary server files. Public PoCs demonstrate exploitation via authentica...

9.8CVSS7.2AI score0.01966EPSS
Exploits4References1Affected Software1
RedhatCVE
RedhatCVE
added 2025/02/05 10:41 p.m.8 views

CVE-2022-36065

GrowthBook is an open-source platform for feature flagging and A/B testing. With some self-hosted configurations in versions prior to 2022-08-29, attackers can register new accounts and upload files to arbitrary directories within the container. If the attacker uploads a Python script to the righ...

7.5CVSS7.3AI score0.01102EPSS
Exploits0
Filippo.io
Filippo.io
added 2024/12/05 9:26 p.m.23 views

frood, an Alpine initramfs NAS

My NAS, frood, has a bit of a weird setup. It’s just one big initramfs containing a whole Alpine Linux system. It’s delightful and I am not sure why it’s not more common. As long as the bootloader can find the kernel and initramfs, the machine comes up cleanly. A/B deployments and rollbacks are...

7.4AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/10/09 5:8 p.m.13 views

Google Search user interface: A/B testing shows security concerns remain

For the past few days, Google has been A/B testing some subtle visual changes to its user interface for the search results page. You may only get the new UI for certain types of searches or based on your current geolocation. This test is not to be confused with but could part of a previously...

7.3AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2024/04/30 12:0 a.m.23 views

Amazon Linux 2 : kernel (ALASKERNEL-5.4-2024-063)

The version of kernel installed on the remote host is prior to 5.4.110-54.189. It is, therefore, affected by a vulnerability as referenced in the ALAS2KERNEL-5.4-2024-063 advisory. In the Linux kernel, the following vulnerability has been resolved: locking/qrwlock: Fix ordering in...

5.5CVSS6.5AI score0.00228EPSS
Exploits0References4
Rows per page
Query Builder