Lucene search
+L

129 matches found

RedhatCVE
RedhatCVE
added 2025/02/05 4:8 a.m.6 views

CVE-2024-54413

Cross-Site Request Forgery CSRF vulnerability in brandt-net Display Future Posts display-future-posts allows Stored XSS.This issue affects Display Future Posts: from n/a through = 0.2.3...

7.1CVSS7.2AI score0.00206EPSS
Exploits0References1
NVD
NVD
added 2024/12/16 3:15 p.m.26 views

CVE-2024-54413

Cross-Site Request Forgery CSRF vulnerability in brandt-net Display Future Posts display-future-posts allows Stored XSS.This issue affects Display Future Posts: from n/a through = 0.2.3...

7.1CVSS0.00206EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/12/16 2:13 p.m.10 views

CVE-2024-54413 WordPress Display Future Posts plugin <= 0.2.3 - CSRF to Stored Cross-Site Scripting vulnerability

Cross-Site Request Forgery CSRF vulnerability in Stefan Brandt Display Future Posts allows Stored XSS.This issue affects Display Future Posts: from n/a through 0.2.3...

7.1CVSS6.8AI score0.00206EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/12/16 12:0 a.m.7 views

PT-2024-36301 · Unknown · Display Future Posts

Name of the Vulnerable Software and Affected Versions: Display Future Posts versions n/a through 0.2.3 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability that allows Stored XSS. This means an attacker can trick a user into performing unintended actions on a web application,...

7.1CVSS6.8AI score0.00206EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/12/16 12:0 a.m.5 views

WordPress plugin Display Future Posts 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation, a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability exists in the...

7.1CVSS8.4AI score0.00206EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/12/12 1:10 p.m.8 views

WordPress Display Future Posts plugin <= 0.2.3 - CSRF to Stored Cross-Site Scripting vulnerability

CSRF to Stored Cross-Site Scripting vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin Display Future Posts versions = 0.2.3...

7.1CVSS5.8AI score0.00206EPSS
Exploits0Affected Software1
CNNVD
CNNVD
added 2024/11/19 12:0 a.m.7 views

ESLint Rewrite 安全漏洞

ESLint Rewrite is an ESLint open source application. A security vulnerability exists in ESLint Rewrite versions prior to 0.2.3, which stems from improper input cleanup and is susceptible to regular expression denial of service attacks...

7.5CVSS6.4AI score0.00482EPSS
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/09/04 7:5 p.m.5 views

Malicious code in @maas-themes/config (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 4481efc3fc653e0e4e03b7769498d8a50b20b1df2d61d153c2b48818711b789d The OpenSSF Package Analysis project identified '@maas-themes/config' @ 0.2.3 npm as malicious. It is considered malicious because: - The packag...

7.2AI score
Exploits0
Vulnrichment
Vulnrichment
added 2024/04/24 12:0 a.m.12 views

CVE-2024-33531

cdbattags lua-resty-jwt 0.2.3 allows attackers to bypass all JWT-parsing signature checks by crafting a JWT with an enc header with the value A256GCM...

6.8AI score0.00533EPSS
Exploits0References3
CVE
CVE
added 2024/04/24 12:0 a.m.123 views

CVE-2024-33531

CVE-2024-33531 affects lua-resty-jwt 0.2.3, allowing attackers to bypass all JWT-signature checks by crafting a token with an enc header value of A256GCM. The issue is documented across multiple IBM advisories and CVE aggregations, with no public exploitation details provided in the sources. Reme...

8.1CVSS6.7AI score0.00533EPSS
Exploits0References3
vulnersOsv
vulnersOsv
added 2023/11/20 11:15 p.m.9 views

upydevice (>=0.0.1 <=0.2.3) potentially affected by CVE-2023-48051 via upydev (>=0.1.7 <=0.3.3)

upydev PYPI version =0.1.7, =0.0.1, =0.2.3 Source cves: CVE-2023-48051 Source advisory: OSV:PYSEC-2023-302...

7.5CVSS7.1AI score0.00248EPSS
Exploits1
NVD
NVD
added 2023/10/18 2:15 p.m.26 views

CVE-2023-45628

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in QROkes QR Twitter Widget plugin = 0.2.3 versions...

6.5CVSS5.8AI score0.0031EPSS
Exploits0References1
OSV
OSV
added 2023/10/18 2:15 p.m.2 views

CVE-2023-45628

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in QROkes QR Twitter Widget plugin = 0.2.3 versions...

5.4CVSS7.3AI score0.0031EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/08/25 8:27 p.m.8 views

CVE-2023-40571 weblogic-framework Deserialization of Untrusted Data vulnerability

weblogic-framework is a tool for detecting weblogic vulnerabilities. Versions 0.2.3 and prior do not verify the returned data packets, and there is a deserialization vulnerability which may lead to remote code execution. When weblogic-framework gets the command echo, it directly deserializes the...

9.8CVSS7.8AI score0.01184EPSS
Exploits0References2
OSV
OSV
added 2023/06/29 9:30 p.m.3 views

GHSA-CCRC-9X59-3VC4 requests-xml XML External Entity Injection vulnerability

requests-xml v0.2.3 was discovered to contain an XML External Entity Injection XXE vulnerability which allows attackers to execute arbitrary code via a crafted XML file...

7.5CVSS6.2AI score0.00731EPSS
Exploits0References5
PyPA
PyPA
added 2023/06/29 9:15 p.m.5 views

PYSEC-2023-96

requests-xml v0.2.3 was discovered to contain an XML External Entity Injection XXE vulnerability which allows attackers to execute arbitrary code via a crafted XML file...

7.5CVSS8.5AI score0.00731EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2023/06/29 12:0 a.m.17 views

Requests-XML 代码问题漏洞

Requests-XML is a library for parsing XML from the individual developers at erinxocon. A security vulnerability exists in requests-xml version v0.2.3, which stems from the inclusion of an XML External Entity Injection XXE vulnerability that allows an attacker to execute arbitrary code via a craft...

7.5CVSS7.8AI score0.00731EPSS
Exploits0References3
OSV
OSV
added 2023/05/08 1:15 p.m.4 views

CVE-2023-25452

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Michael Pretty prettyboymp CMS Press plugin = 0.2.3 versions...

4.8CVSS6.5AI score0.00369EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/03/24 12:0 a.m.4 views

PT-2023-21905 · Dino +2 · Dino +2

Name of the Vulnerable Software and Affected Versions: Dino versions prior to 0.2.3 Dino versions 0.3.x prior to 0.3.2 Dino versions 0.4.x prior to 0.4.2 Description: The issue allows attackers to modify the personal bookmark store via a crafted message. This can lead to changing the display of...

7.1CVSS6.4AI score0.00699EPSS
Exploits0References29
SUSE CVE
SUSE CVE
added 2023/02/15 5:39 a.m.8 views

SUSE CVE-2013-2166

python-keystoneclient version 0.2.3 to 0.2.5 has middleware memcache encryption bypass...

9.8CVSS7AI score0.01764EPSS
Exploits1References4
Rows per page
Query Builder