12 matches found

Circl
added 3 days ago, 5 views

CVE-2026-13563

creationtimestamp | type | source
---|---|---
2026-06-29 12:42:24+00:00 | seen | https://bsky.app/profile/kriptabiz.bsky.social/post/3mpgj76gdbe2t
2026-06-29 19:36:22+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mphadfcnq32x
2026-06-29 20:19:24+00:00 | seen | ...

CVSS 9, AI score 7.3, EPSS 0.00445
Exploits 0, References 3

NVD
added 2026/02/19 7:17 a.m., 6 views

CVE-2025-13563

The Lizza LMS Pro plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.0.3. This is due to the 'lizzalmsproregisteruserfrontend' function not restricting what user roles a user can register with. This makes it possible for unauthenticated attackers to...

CVSS 9.8, EPSS 0.00368
Exploits 0, References 2

RedhatCVE
added 2025/05/22 4:19 a.m., 7 views

CVE-2019-13563

D-Link DIR-655 C devices before 3.02B05 BETA03 allow CSRF for the entire management console...

CVSS 8.8, AI score 7.2, EPSS 0.0103
Exploits 1, References 1

Cvelist
added 2025/02/15 8:25 a.m., 13 views

CVE-2024-13563 Front End Users <= 3.2.30 - Authenticated (Contributor+) Stored Cross-Site Scripting via forgot-password Shortcode

The Front End Users plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's forgot-password shortcode in all versions up to, and including, 3.2.30 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

CVSS 6.4, EPSS 0.00284
Exploits 0, References 4

Vulnrichment
added 2025/02/15 8:25 a.m., 10 views

CVE-2024-13563 Front End Users <= 3.2.30 - Authenticated (Contributor+) Stored Cross-Site Scripting via forgot-password Shortcode

The Front End Users plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's forgot-password shortcode in all versions up to, and including, 3.2.30 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

CVSS 6.4, AI score 5.8, EPSS 0.00284
Exploits 0, References 4

Circl
added 2021/02/01 7:25 p.m., 6 views

CVE-2020-13563

creationtimestamp | type | source
---|---|---
2021-02-01 19:25:15+00:00 | seen | https://t.me/cibsecurity/22902...

CVSS 9.6, AI score 7.7, EPSS 0.75856
Exploits 1, References 1

CVE
added 2021/02/01 3:6 p.m., 57 views

CVE-2020-13563

CVE-2020-13563 covers multiple XSS vulnerabilities in phpGACL 3.3.7 templates. The Red Hat, NVD, OSV, CVE.org and TALOS entries describe XSS via unsanitized Smarty template variables such as group_id, acl_id and action, leading to arbitrary JavaScript execution when crafting specific HTTP request...

CVSS 9.6, AI score 6, EPSS 0.75856
Exploits 1, References 1, Affected Software 1

Talos
added 2021/01/27 12:0 a.m., 67 views

phpGACL template multiple cross-site scripting vulnerabilities

Summary: Multiple cross-site scripting vulnerabilities exist in the template functionality of phpGACL 3.3.7. A specially crafted HTTP request can lead to arbitrary JavaScript execution. An attacker can provide a crafted URL to trigger this vulnerability.

Tested Versions: phpGACL 3.3.7, OpenEMR 5.0.2...

CVSS 9.6, AI score 6.7, EPSS 0.77745
Exploits 3

NVD
added 2020/03/24 8:15 p.m., 14 views

CVE-2019-20616

An issue was discovered on Samsung mobile devices with N7.x and O8.x software. Gallery leaks a thumbnail of Private Mode content. The Samsung ID is SVE-2018-13563 March 2019...

CVSS 5.3, AI score 5.4, EPSS 0.0034
Exploits 0, References 1

CVE
added 2020/03/24 7:31 p.m., 45 views

CVE-2019-20616

Technical details (affected component, root cause, version-specific impact, or fixes) are not publicly provided in the connected documents. Monitor for updates from Samsung and security advisories.

CVSS 5.3, AI score 5.4, EPSS 0.0034
Exploits 0, References 1, Affected Software 1

CVE
added 2019/07/11 2:59 p.m., 46 views

CVE-2019-13563

The CVE refers to D-Link DIR-655 C devices before version 3.02B05 BETA03, which are vulnerable to Cross-Site Request Forgery (CSRF) that can affect the entire management console. The root cause is insufficient CSRF protection in the web interface, allowing an attacker to induce unintended actions...

CVSS 8.8, AI score 9.1, EPSS 0.0103
Exploits 1, References 3, Affected Software 1

CVE
added 2018/07/09 6:0 a.m., 34 views

CVE-2018-13563

The CVE-2018-13563 issue affects the UPayToken Ethereum token: the mintToken function has an integer overflow that lets the contract owner set any user’s balance to an arbitrary value. This is a functional integrity risk in the token’s accounting, potentially enabling balance manipulation without...

CVSS 7.5, AI score 7.7, EPSS 0.01094
Exploits 1, References 2, Affected Software 1