99 matches found
CVE-2022-0627
The Amelia WordPress plugin before 1.0.47 does not sanitize and escape the code parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting...
CVE-2026-0627
creationtimestamp| type| source ---|---|--- 2026-01-09 10:00:29+00:00| seen| Telegram/-qRpWClxl86ARAdiPdNSW7xfOFXs-vHSEsY-1W0Qow9HIWs 2026-01-09 10:36:56+00:00| seen| https://gist.github.com/Darkcrai86/40ea39bffa0cacde908c043e94a780db 2026-01-09 11:35:16+00:00| seen|...
EUVD-2020-0627
Malware in sbrugna...
EUVD-2023-0627
Malicious code in bioql PyPI...
CVE-2009-0627
Unspecified vulnerability in Cisco NX-OS before 4.01aN21, when running on Nexus 5000 platforms, allows remote attackers to cause a denial of service crash via an unspecified "sequence of TCP packets" related to "TCP State manipulation," possibly related to separate attacks against CVE-2008-4609...
CVE-1999-0627
The rexd service is running, which uses weak authentication that can allow an attacker to execute commands...
WordPress AI Autotagger plugin < 3.30.0 - Admin+ Stored XSS vulnerability
Admin+ Stored XSS vulnerability discovered by Dmitrii Ignatyev in WordPress Plugin TaxoPress versions 3.30.0...
CVE-2025-0627
The WordPress Tag, Category, and Taxonomy Manager WordPress plugin before 3.30.0 does not sanitise and escape some of its Widgets settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for...
CVE-2025-0627 AI Autotagger < 3.30.0 - Admin+ Stored XSS
The WordPress Tag, Category, and Taxonomy Manager WordPress plugin before 3.30.0 does not sanitise and escape some of its Widgets settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for...
CVE-2025-0627
CVE-2025-0627 involves the WordPress Tag, Category, and Taxonomy Manager – AI Autotagger plugin (pre-3.30.0). The issue is a failure to sanitize/escape certain Widgets settings, enabling Stored Cross-Site Scripting by high-privilege users (e.g., admins) even when unfiltered_html is disabled (such...
CVE-2025-0627 AI Autotagger < 3.30.0 - Admin+ Stored XSS
The WordPress Tag, Category, and Taxonomy Manager WordPress plugin before 3.30.0 does not sanitise and escape some of its Widgets settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for...
CVE-2024-0627 Custom Field Template <= 2.6.1 - Authenticated(Constibutor+) Stored Cross-Site Scripting via Custom Field Name
The Custom Field Template plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's custom field name column in all versions up to, and including, 2.6.1 due to insufficient input sanitization and output escaping on user supplied custom fields. This makes it possible for...
CVE-2024-0627
The CVE-2024-0627 entry concerns the WordPress plugin Custom Field Template (versions
CVE-2024-0627 Custom Field Template <= 2.6.1 - Authenticated(Constibutor+) Stored Cross-Site Scripting via Custom Field Name
The Custom Field Template plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's custom field name column in all versions up to, and including, 2.6.1 due to insufficient input sanitization and output escaping on user supplied custom fields. This makes it possible for...
WordPress Custom Field Template Plugin <= 2.6.1 is vulnerable to Cross Site Scripting (XSS)
Software Custom Field Template Type Plugin Vulnerable versions = 2.6.1 Fixed in 2.6.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-0627 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 79102f5cc8d6 Credits Luk 6785 Required...
Rocky Linux 8 : gnutls (RLSA-2024:0627)
The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:0627 advisory. - A vulnerability was found in GnuTLS. The response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from the response times of ciphertexts wit...
Oracle Linux 8 : gnutls (ELSA-2024-0627)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-0627 advisory. 3.6.16-8.1 - auth/rsa-psk: minimize branching after decryption RHEL-21550 Tenable has extracted the preceding description block directly from the Oracle Linux...
RHSA-2024:0627
creationtimestamp| type| source ---|---|--- 2024-01-31 10:16:58+00:00| seen| https://t.me/ctinow/176619...
Moderate: Red Hat Security Advisory: gnutls security update
An update for gnutls is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
RHEL 8 : gnutls (RHSA-2024:0627)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:0627 advisory. The gnutls packages provide the GNU Transport Layer Security GnuTLS library, which implements cryptographic algorithms and protocols such as SSL, TLS...