Lucene search
+L

247 matches found

CVE
CVE
added 2025/09/22 6:24 p.m.14 views

CVE-2025-58017

CVE-2025-58017 is a Stored XSS vulnerability in Ultimate Store Kit – Addon For WooCommerce, EDD and Elementor (Ultimate Store Kit Elementor Addons). The issue arises from improper input neutralization during web page generation, enabling stored cross-site scripting in affected pages. Affected ver...

6.5CVSS5.9AI score0.00196EPSS
Exploits0References1
vulnersOsv
vulnersOsv
added 2025/06/10 9:30 a.m.8 views

org.apache.kafka:kafka-perf_2.8.2 (>=0.8.0 <=0.8.0-beta1), org.apache.nifi:nifi-kafka-nar (>=0.0.1-incubating <=0.3.0) +1 more potentially affected by CVE-2025-27819 via org.apache.kafka:kafka_2.8.2 (>=0.8.0-beta1 <=0.8.1)

org.apache.kafka:kafka2.8.2 MAVEN version =0.8.0-beta1, =0.8.0, =0.0.1-incubating, =0.0.1-incubating, =0.3.0 Source cves: CVE-2025-27819 Source advisory: OSV:GHSA-MCWH-C9PG-XW43...

7.5CVSS6.5AI score0.00878EPSS
Exploits0
CNNVD
CNNVD
added 2025/06/06 12:0 a.m.5 views

WordPress plugin BNS Featured Category 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation, a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerability exist...

6.4CVSS6AI score0.00192EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/23 5:1 a.m.6 views

CVE-2023-45103

Cross-Site Request Forgery CSRF vulnerability in YAS Global Team Permalinks Customizer plugin = 2.8.2 versions...

8.8CVSS7.1AI score0.00214EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:31 p.m.8 views

CVE-2022-24782

Discourse is an open source discussion platform. Versions 2.8.2 and prior in the stable branch, 2.9.0.beta3 and prior in the beta branch, and 2.9.0.beta3 and prior in the tests-passed branch are vulnerable to a data leak. Users can request an export of their own activity. Sometimes, due to catego...

4.3CVSS6.7AI score0.00927EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:35 p.m.8 views

CVE-2021-43963

An issue was discovered in Couchbase Sync Gateway 2.7.0 through 2.8.2. The bucket credentials used to read and write data in Couchbase Server were insecurely being stored in the metadata within sync documents written to the bucket. Users with read access could use these credentials to obtain writ...

8.1CVSS6.3AI score0.00501EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 9:33 p.m.9 views

CVE-2021-34544

An issue was discovered in Solar-Log 500 before 2.8.2 Build 52 23.04.2013. In /export.html, email.html, and sms.html, cleartext passwords are stored. This may allow sensitive information to be read by someone with access to the device. Fixed with 3.0.0-60 11.10.2013 for SL 200, 500, 1000 / not...

6.5CVSS6.4AI score0.00997EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:23 p.m.5 views

CVE-2020-11037

In Wagtail before versions 2.7.3 and 2.8.2, a potential timing attack exists on pages or documents that have been protected with a shared password through Wagtail's "Privacy" controls. This password check is performed through a character-by-character string comparison, and so an attacker who is...

6.1CVSS5.3AI score0.0025EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:54 a.m.7 views

CVE-2018-20853

An issue was discovered in the MailPoet Newsletters aka wysija-newsletters plugin before 2.8.2 for WordPress. The plugin is vulnerable to SPAM attacks...

5.3CVSS7AI score0.00948EPSS
Exploits0References1
NVD
NVD
added 2025/04/16 6:16 p.m.32 views

CVE-2025-39472

Cross-Site Request Forgery CSRF vulnerability in wpweb WooCommerce Social Login woo-social-login allows Cross Site Request Forgery.This issue affects WooCommerce Social Login: from n/a through 2.8.3...

8.8CVSS0.00165EPSS
Exploits0References1
CVE
CVE
added 2025/04/16 5:15 p.m.70 views

CVE-2025-39472

CVE-2025-39472 corresponds to a CSRF vulnerability in the WPWooCommerce Social Login plugin (WooCommerce Social Login). Affected versions are 2.8.2 and earlier; the issue arises from Cross-Site Request Forgery that could allow unauthorized actions on behalf of a user. The fix is to upgrade to ver...

8.8CVSS7.2AI score0.00165EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2025/04/16 5:15 p.m.33 views

CVE-2025-39472 WordPress WooCommerce Social Login plugin < 2.8.3 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in wpweb WooCommerce Social Login woo-social-login allows Cross Site Request Forgery.This issue affects WooCommerce Social Login: from n/a through 2.8.3...

4.3CVSS0.00165EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2025/04/15 3:24 a.m.27 views

Security Bulletin: IBM Fusion HCI and IBM Fusion are vulnerable to denial of service due to Node.js, isaacs node-tar, ShowdownJS

Summary IBM Fusion HCI and IBM Fusion's graphical user interface are vulnerable to a denial of service due to Node.js, isaacs node-tar, and ShowdownJS. CVE-2024-4068, CVE-2024-28863, CVE-2024-1899. Vulnerability Details CVEID:CVE-2024-4068 DESCRIPTION: Node.js braces module is vulnerable to a...

7.5CVSS6.8AI score0.01471EPSS
Exploits3Affected Software3
OSV
OSV
added 2025/01/28 2:15 a.m.3 views

CVE-2024-22315

IBM Fusion and IBM Fusion HCI 2.3.0 through 2.8.2 is vulnerable to insecure network connection by allowing an attacker who gains access to a Fusion container to establish an external network connection...

6.5CVSS5.8AI score0.00218EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/12/20 12:0 a.m.11 views

PT-2024-36795 · Unknown · Onyxia-Api

Name of the Vulnerable Software and Affected Versions: Onyxia-API versions prior to 2.8.2 Onyxia-API versions prior to 3.1.1 Onyxia-API versions prior to 4.2.0 Description: This issue allows authenticated users to remotely execute code within the Onyxia-API, potentially leading to unauthorized...

9.4CVSS7.4AI score0.00623EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2024/11/26 12:37 a.m.2 views

haproxy: untrimmed URI fragments may lead to exposure of confidential data on static servers

HAProxy before 2.8.2 accepts as part of the URI component, which might allow remote attackers to obtain sensitive information or have unspecified other impact upon misinterpretation of a pathend rule, such as routing index.html.png to a static server...

8.2CVSS6AI score0.01526EPSS
Exploits0References4
Patchstack
Patchstack
added 2024/11/26 12:32 a.m.7 views

WordPress Category Ajax Filter plugin <= 2.8.2 - Unauthenticated Local File Inclusion vulnerability

Unauthenticated Local File Inclusion vulnerability discovered by Le Ngoc Anh in WordPress Plugin Category Ajax Filter versions = 2.8.2...

9.8CVSS7AI score0.00765EPSS
Exploits0References1Affected Software1
RedHat Linux
RedHat Linux
added 2024/11/19 12:50 a.m.16 views

haproxy: untrimmed URI fragments may lead to exposure of confidential data on static servers

HAProxy before 2.8.2 accepts as part of the URI component, which might allow remote attackers to obtain sensitive information or have unspecified other impact upon misinterpretation of a pathend rule, such as routing index.html.png to a static server...

8.2CVSS6AI score0.01526EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/11/09 12:0 a.m.7 views

WordPress plugin Category Ajax Filter 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exis...

9.8CVSS8.1AI score0.00765EPSS
Exploits0References3
Patchstack
Patchstack
added 2024/11/05 3:46 a.m.3 views

WordPress XT Floating Cart for WooCommerce plugin <= 2.8.2 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload vulnerability

Authenticated Author+ Stored Cross-Site Scripting via SVG File Upload vulnerability discovered by Francesco Carlucci in WordPress Plugin XT Floating Cart for WooCommerce versions = 2.8.2...

6.4CVSS5.8AI score0.00323EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder