Lucene search
K

263 matches found

vulnrichment
vulnrichment
added 2025/12/09 2:52 p.m.0 views

CVE-2025-63013 WordPress WP Hotel Booking plugin <= 2.2.7 - Sensitive Data Exposure vulnerability

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in ThimPress WP Hotel Booking wp-hotel-booking allows Retrieve Embedded Sensitive Data.This issue affects WP Hotel Booking: from n/a through = 2.2.7...

4.3CVSS6.5AI score0.00223EPSS
Exploits0References1
cve
cve
added 2025/12/09 2:52 p.m.7 views

CVE-2025-63013

CVE-2025-63013 affects the WordPress WP Hotel Booking plugin (wp-hotel-booking) versions up to and including 2.2.7. The documented issue is exposure of sensitive system information and the ability to retrieve embedded sensitive data, indicating a data-access exposure vulnerability. The root cause...

4.3CVSS6.5AI score0.00223EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2025/12/09 2:52 p.m.2 views

CVE-2025-63011 WordPress WP Hotel Booking plugin <= 2.2.8 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThimPress WP Hotel Booking wp-hotel-booking allows DOM-Based XSS.This issue affects WP Hotel Booking: from n/a through = 2.2.8...

5.9CVSS5.2AI score0.00174EPSS
Exploits0References1
cvelist
cvelist
added 2025/12/09 2:14 p.m.25 views

CVE-2025-67527 WordPress Digiqole theme < 2.2.7 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in trippleS Digiqole digiqole allows PHP Local File Inclusion.This issue affects Digiqole: from n/a through 2.2.7...

7.5CVSS0.00385EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2025/12/09 12:0 a.m.9 views

PT-2025-49903

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in trippleS Digiqole digiqole allows PHP Local File Inclusion.This issue affects Digiqole: from n/a through 2.2.7...

9.8CVSS7.1AI score0.00385EPSS
Exploits0References3
vulnrichment
vulnrichment
added 2025/11/05 9:27 a.m.2 views

CVE-2025-11987 Visual Link Preview <= 2.2.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via visual-link-preview Shortcode

The Visual Link Preview plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's visual-link-preview shortcode in versions up to, and including, 2.2.7 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

6.4CVSS4.8AI score0.00218EPSS
Exploits0References4
cve
cve
added 2025/11/05 9:27 a.m.17 views

CVE-2025-11987

CVE-2025-11987 — Visual Link Preview (WordPress) is a stored cross-site scripting vulnerability in the Visual Link Preview plugin for WordPress, exploitable via the plugin’s visual-link-preview shortcode. Affected versions are up to and including 2.2.7, where insufficient input sanitization and o...

6.4CVSS4.8AI score0.00218EPSS
Exploits0References4
patchstack
patchstack
added 2025/11/05 1:36 a.m.7 views

WordPress Visual Link Preview plugin <= 2.2.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via visual-link-preview Shortcode vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via visual-link-preview Shortcode vulnerability discovered by Rafshanzani Suhada in WordPress Plugin Visual Link Preview versions = 2.2.7...

6.4CVSS5.5AI score0.00218EPSS
Exploits0References1Affected Software1
euvd
euvd
added 2025/10/16 3:30 p.m.5 views

EUVD-2025-34758

Cross site scripting XSS vulnerability in Ultimate PHP Board 2.2.7 via the uname parameter in lostpassword.php...

6.1CVSS5.6AI score0.00251EPSS
Exploits0References3
cvelist
cvelist
added 2025/10/16 12:0 a.m.12 views

CVE-2025-61540

SQL injection vulnerability in Ultimate PHP Board 2.2.7 via the username field in lostpassword.php...

0.00272EPSS
Exploits0References2
osv
osv
added 2025/10/16 12:0 a.m.4 views

CVE-2025-61540

SQL injection vulnerability in Ultimate PHP Board 2.2.7 via the username field in lostpassword.php...

6.5CVSS8.3AI score0.00272EPSS
Exploits0References4
cnnvd
cnnvd
added 2025/10/16 12:0 a.m.5 views

Ultimate PHP Board 安全漏洞

Ultimate PHP Board is a message board software from PHP Outburst open source. A security vulnerability exists in Ultimate PHP Board version 2.2.7, which stems from an unvalidated username field in lostpassword.php and could lead to a SQL injection attack...

6.5CVSS7.8AI score0.00272EPSS
Exploits0References2
cve
cve
added 2025/10/16 12:0 a.m.12 views

CVE-2025-61540

CVE-2025-61540 : The Red Hat, NVD, OSV, EUVD, NVD (and other) records all describe a SQL injection in Ultimate PHP Board version 2.2.7, exploitable via the username field in lostpassword.php. The underlying issue is an unvalidated/unsafely assembled username input leading to SQL injection, with C...

6.5CVSS7.8AI score0.00272EPSS
Exploits0References2Affected Software1
euvd
euvd
added 2025/10/07 12:30 a.m.4 views

EUVD-2018-2164

Malware in sbrugna...

5.3CVSS5.5AI score0.0123EPSS
Exploits1References2
euvd
euvd
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-0655

Malware in sbrugna...

6.1CVSS6.3AI score0.01156EPSS
Exploits1References6
euvd
euvd
added 2025/10/07 12:30 a.m.4 views

EUVD-2018-10006

Malware in sbrugna...

6.1CVSS6.3AI score0.00826EPSS
Exploits1References2
euvd
euvd
added 2025/10/07 12:30 a.m.10 views

EUVD-2018-10005

Malware in sbrugna...

6.1CVSS6.3AI score0.00833EPSS
Exploits1References2
euvd
euvd
added 2025/10/07 12:30 a.m.6 views

EUVD-2018-2115

Malware in sbrugna...

8.8CVSS8.8AI score0.00494EPSS
Exploits1References2
euvd
euvd
added 2025/10/07 12:30 a.m.3 views

EUVD-2018-9153

Malware in sbrugna...

9.8CVSS9.5AI score0.0229EPSS
Exploits1References3
euvd
euvd
added 2025/10/07 12:30 a.m.3 views

EUVD-2009-2422

Malware in sbrugna...

7.5CVSS6.4AI score0.00949EPSS
Exploits1References3
Rows per page
Query Builder