WP Helper Lite < 4.3 - Cross-Site Scripting

The WP Helper Lite WordPress plugin, in versions 4.3, returns all GET parameters unsanitized in the response, resulting in a reflected cross-site scripting vulnerability. id: CVE-2023-0448 info: name: WP Helper Lite 4.3 - Cross-Site Scripting author: ritikchaddha severity: medium description: | T...

CVE-2022-0448

The CP Blocks WordPress plugin before 1.0.15 does not sanitise and escape its "License ID" settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml is disallowed...

CVE-1999-0448

IIS 4.0 and Apache log HTTP request methods, regardless of how long they are, allowing a remote attacker to hide the URL they really request...

EUVD-2026-0448

This CVE ID was rejected because it was reserved but not used for a vulnerability disclosure...

Linux Distros Unpatched Vulnerability : CVE-2017-0448

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An information disclosure vulnerability in the NVIDIA video driver could enable a local malicious application to access data outside of its permission levels...

Linux Distros Unpatched Vulnerability : CVE-2021-0448

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Ubuntu Linux - Unknown description CVE-2021-0448 Note that Nessus relies on the presence of the package as reported by the vendor. %NASLMINLEVEL 80900 C Tenable...

Linux Distros Unpatched Vulnerability : CVE-2025-0448

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in Compositing in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to perform UI spoofing via a crafted HTML page...

Fedora 40 : chromium (2025-4c65803ea6)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-4c65803ea6 advisory. Update to 132.0.6834.83 High CVE-2025-0434: Out of bounds memory access in V8 High CVE-2025-0435: Inappropriate implementation in Navigation High...

Chromium: CVE-2025-0448 Inappropriate implementation in Compositing

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

CVE-2025-0448 vulnerabilities

Vulnerabilities for packages: chromium...

CVE-2025-0448

Inappropriate implementation in Compositing in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

CVE-2025-0448

creationtimestamp| type| source ---|---|--- 2025-01-15 11:09:52+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/1720 2025-01-15 11:16:06+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lfrnavzlzx2f 2025-01-15 11:51:31+00:00| seen|...

CVE-2025-0448

Inappropriate implementation in Compositing in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

CVE-2025-0448

Summary of CVE-2025-0448 : In Google Chrome/Chromium, an inappropriate implementation in the Compositing pipeline allowed a remote attacker to perform UI spoofing via a crafted HTML page. The issue is tied to Chrome/Chromium’s UI/compositing code and is listed among Chrome security fixes for vers...

CVE-2025-0448

Inappropriate implementation in Compositing in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

CVE-2025-0448

Inappropriate implementation in Compositing in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

CVE-2023-0448

creationtimestamp| type| source ---|---|--- 2024-10-24 04:50:29+00:00| published-proof-of-concept| https://t.me/codeb0ss/974...

CVE-2024-0448

creationtimestamp| type| source ---|---|--- 2024-02-05 23:31:34+00:00| seen| https://t.me/ctinow/179602 2024-02-18 15:11:57+00:00| seen| https://t.me/ctinow/187270...

CVE-2024-0448 Elementor Addons by Livemesh <= 8.3.1 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Elementor Addons by Livemesh plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's widget URL parameters in all versions up to, and including, 8.3.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with...

CVE-2024-0448

CVE-2024-0448 affects the Elementor Addons by Livemesh plugin for WordPress (versions up to and including 8.3.1). The underlying issue is Stored Cross-Site Scripting via the widget URL parameters caused by insufficient input sanitization and output escaping, allowing authenticated attackers with ...