Lucene search
+L

203 matches found

Positive Technologies
Positive Technologies
added 2026/01/08 12:0 a.m.5 views

PT-2026-1697

Name of the Vulnerable Software and Affected Versions jwsthemes OchaHouse versions through 2.2.8 Description A flaw exists in the handling of file inclusion within jwsthemes OchaHouse, potentially allowing for PHP Local File Inclusion. The issue stems from improper control of filenames used in...

9.8CVSS6.7AI score0.00512EPSS
Exploits0References3
Patchstack
Patchstack
added 2026/01/01 9:8 p.m.7 views

WordPress Bookory theme <= 2.2.7 - Local File Inclusion vulnerability

Software : Bookory Type : Theme Vulnerable versions : = 2.2.7 Fixed in : 2.2.8 OWASP Top 10 : A3: Injection Classification : Local File Inclusion CVE ID : CVE-2025-68530 Patchstack priority : Low CVSS severity : 7.5 Required privilege : Contributor Developer : Claim ownership PSID : 314b30db47fa...

9.8CVSS6.3AI score0.00306EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/12/13 3:19 a.m.6 views

WordPress Enter Addons plugin <= 2.2.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Countdown and Image Comparison Widgets vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Countdown and Image Comparison Widgets vulnerability discovered by zer0gh0st in WordPress Plugin Enter Addons versions = 2.2.7...

6.4CVSS5.5AI score0.00189EPSS
Exploits0References1Affected Software1
vulnersOsv
vulnersOsv
added 2025/11/14 8:56 p.m.6 views

flowise (>=1.6.1 <=2.2.8), flowise-birat (>=1.0.0 <=1.2.5) +2 more potentially affected by unknown CVE via flowise-ui (>=1.8.4 <=2.2.8)

flowise-ui NPM version =1.8.4, =1.6.1, =1.0.0, =0.0.1, =0.0.2, =0.0.4 Source cves: unknown CVE Source advisory: OSV:GHSA-X39M-3393-3QP4...

5.8AI score
Exploits0
Patchstack
Patchstack
added 2025/11/05 4:13 a.m.7 views

WordPress WP Hotel Booking plugin <= 2.2.8 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by daroo in WordPress Plugin WP Hotel Booking versions = 2.2.8...

5.9CVSS6.1AI score0.00174EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/11/05 1:36 a.m.8 views

WordPress Visual Link Preview plugin <= 2.2.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via visual-link-preview Shortcode vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via visual-link-preview Shortcode vulnerability discovered by Rafshanzani Suhada in WordPress Plugin Visual Link Preview versions = 2.2.7...

6.4CVSS5.5AI score0.00218EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2025/10/07 12:30 a.m.12 views

EUVD-2015-3672

Malware in sbrugna...

7.5CVSS7.6AI score0.03488EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2003-0025

Malware in sbrugna...

7.5CVSS6.1AI score0.27971EPSS
Exploits0References10
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2018-0655

Malware in sbrugna...

6.1CVSS6.3AI score0.01156EPSS
Exploits1References6
RedhatCVE
RedhatCVE
added 2025/10/04 11:53 a.m.14 views

CVE-2025-9045

The Easy Elementor Addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several widget parameters in versions less than, or equal to, 2.2.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-leve...

6.4CVSS6.1AI score0.00318EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2021-32731

Malicious code in bioql PyPI...

5.4CVSS5.7AI score0.00495EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-30488

Malicious code in bioql PyPI...

7.5CVSS6.5AI score0.00477EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2023-42900

Malicious code in bioql PyPI...

8.8CVSS9AI score0.00208EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-32287

Malicious code in bioql PyPI...

6.4CVSS6.6AI score0.00318EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-5435

Malicious code in bioql PyPI...

8.8CVSS9.2AI score0.00613EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-34095

Malicious code in bioql PyPI...

5.3CVSS9AI score0.00374EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.10 views

EUVD-2022-2600

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.01591EPSS
Exploits0References2
CVE
CVE
added 2025/10/03 11:17 a.m.22 views

CVE-2025-9045

The CVE-2025-9045 entry describes a Stored Cross-Site Scripting (XSS) in the WordPress plugin Easy Elementor Addons (versions

6.4CVSS6.1AI score0.00318EPSS
Exploits0References8
CVE
CVE
added 2025/09/22 6:26 p.m.23 views

CVE-2025-58973

CVE-2025-58973 is a PHP Remote File Inclusion/Local File Inclusion vulnerability in Easy Elementor Addons (WordPress plugin). The issue arises from improper control of the filename used in include/require, enabling Local File Inclusion. Affected versions are Easy Elementor Addons up to 2.2.8 (no ...

7.5CVSS5.9AI score0.00477EPSS
Exploits0References1
vulnersOsv
vulnersOsv
added 2025/09/15 8:11 p.m.9 views

flowise (>=2.0.0 <=2.2.8) potentially affected by unknown CVE via flowise-components (=2.2.8)

flowise-components NPM version =2.2.8 is affected by a known vulnerability. The following packages have a transitive dependency on flowise-components and may be impacted: - flowise =2.0.0, =2.2.8 Source cves: unknown CVE Source advisory: SNYK:JS-FLOWISECOMPONENTS-12878598...

5.8AI score
Exploits0
Rows per page
Query Builder