Lucene search
K

22 matches found

OSV
OSV
added 2026/01/19 6:8 p.m.6 views

CVE-2026-23878 HotCRP vulnerable to exposure of submitted documents

HotCRP is conference review software. Starting in commit aa20ef288828b04550950cf67c831af8a525f508 and prior to commit ceacd5f1476458792c44c6a993670f02c984b4a0, authors with at least one submission on a HotCRP site could use the document API to download any documents PDFs, attachments associated...

6.5CVSS5.5AI score0.00257EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/01/09 9:18 a.m.5 views

CVE-2025-23878

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Scott Reilly Post-to-Post Links easy-post-to-post-links allows Stored XSS.This issue affects Post-to-Post Links: from n/a through = 4.2...

5.9CVSS7.2AI score0.00365EPSS
Exploits0References1
Circl
Circl
added 2025/01/16 9:18 p.m.3 views

CVE-2025-23878

creationtimestamp| type| source ---|---|--- 2025-01-16 21:18:56+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lfv7frlzs72f...

5.9CVSS6.9AI score0.00365EPSS
Exploits0References1
NVD
NVD
added 2025/01/16 9:15 p.m.5 views

CVE-2025-23878

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Scott Reilly Post-to-Post Links easy-post-to-post-links allows Stored XSS.This issue affects Post-to-Post Links: from n/a through = 4.2...

5.9CVSS0.00365EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/01/16 8:7 p.m.4 views

CVE-2025-23878 WordPress Post-to-Post Links plugin <= 4.2 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Scott Reilly Post-to-Post Links easy-post-to-post-links allows Stored XSS.This issue affects Post-to-Post Links: from n/a through = 4.2...

5.9CVSS7.2AI score0.00365EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/01/16 8:7 p.m.14 views

CVE-2025-23878 WordPress Post-to-Post Links plugin <= 4.2 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Scott Reilly Post-to-Post Links easy-post-to-post-links allows Stored XSS.This issue affects Post-to-Post Links: from n/a through = 4.2...

5.9CVSS0.00365EPSS
Exploits0References1
CVE
CVE
added 2025/01/16 8:7 p.m.40 views

CVE-2025-23878

CVE-2025-23878 affects WordPress plugin Post-to-Post Links (easy-post-to-post-links). Reported as Stored XSS due to improper input handling during web page generation, affecting Post-to-Post Links versions from n/a through

5.9CVSS7.2AI score0.00365EPSS
Exploits0References1
Circl
Circl
added 2024/01/26 11:27 a.m.3 views

CVE-2024-23878

creationtimestamp| type| source ---|---|--- 2024-01-26 11:27:05+00:00| seen| https://t.me/ctinow/174157 2024-02-19 15:26:38+00:00| seen| https://t.me/ctinow/187747...

8.2CVSS6.1AI score0.00399EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/01/26 9:14 a.m.5 views

CVE-2024-23878 Cross-Site Scripting (XSS) vulnerability in Cups Easy

A vulnerability has been reported in Cups Easy Purchase & Inventory, version 1.0, whereby user-controlled inputs are not sufficiently encoded, resulting in a Cross-Site Scripting XSS vulnerability via /cupseasylive/grnprint.php, in the grnno parameter. Exploitation of this vulnerability could all...

8.2CVSS7.1AI score0.00399EPSS
Exploits0References1
Circl
Circl
added 2023/04/04 4:30 p.m.5 views

CVE-2023-23878

creationtimestamp| type| source ---|---|--- 2023-04-04 16:30:33+00:00| seen| https://t.me/cibsecurity/61381...

5.9CVSS5.5AI score0.0038EPSS
Exploits0References1
NVD
NVD
added 2023/04/04 12:15 p.m.10 views

CVE-2023-23878

Auth. editor+ Stored Cross-Site Scripting XSS vulnerability in flippercode WordPress Plugin for Google Maps – WP MAPS plugin = 4.3.9 versions...

5.9CVSS5.4AI score0.0038EPSS
Exploits0References1
OSV
OSV
added 2023/04/04 12:15 p.m.5 views

CVE-2023-23878

Auth. editor+ Stored Cross-Site Scripting XSS vulnerability in flippercode WordPress Plugin for Google Maps – WP MAPS plugin = 4.3.9 versions...

5.4CVSS5.8AI score0.0038EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/04/04 11:38 a.m.7 views

CVE-2023-23878 WordPress WP Google Map Plugin Plugin <= 4.3.9 is vulnerable to Cross Site Scripting (XSS)

Auth. editor+ Stored Cross-Site Scripting XSS vulnerability in flippercode WordPress Plugin for Google Maps – WP MAPS plugin = 4.3.9 versions...

5.9CVSS5.4AI score0.0038EPSS
Exploits0References1
CVE
CVE
added 2023/04/04 11:38 a.m.50 views

CVE-2023-23878

CVE-2023-23878 is a stored XSS vulnerability in the flippercode WordPress plugin for Google Maps (WP MAPS) versions

5.9CVSS5.3AI score0.0038EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/04/04 11:38 a.m.14 views

CVE-2023-23878 WordPress WP Google Map Plugin Plugin <= 4.3.9 is vulnerable to Cross Site Scripting (XSS)

Auth. editor+ Stored Cross-Site Scripting XSS vulnerability in flippercode WordPress Plugin for Google Maps – WP MAPS plugin = 4.3.9 versions...

5.9CVSS5.6AI score0.0038EPSS
Exploits0References1
Circl
Circl
added 2022/03/02 10:25 p.m.7 views

CVE-2022-23878

creationtimestamp| type| source ---|---|--- 2022-03-02 22:25:14+00:00| seen| https://t.me/cibsecurity/38320...

9.8CVSS8.7AI score0.0206EPSS
Exploits1References1
Cvelist
Cvelist
added 2022/03/02 6:40 p.m.28 views

CVE-2022-23878

seacms V11.5 is affected by an arbitrary code execution vulnerability in adminconfig.php...

9.9AI score0.0206EPSS
Exploits1References1
CVE
CVE
added 2021/11/10 9:25 p.m.50 views

CVE-2020-23878

Summary: CVE-2020-23878 affects pdf2json v0.71, with a stack buffer overflow in the XRef::fetch function. The vulnerability is documented across multiple feeds as a buffer overflow in a Java-based PDF-to-JSON library (pdf2json). Impact: CVSS metrics indicate high to critical severity (CVSS‑2.0: b...

9.8CVSS9.7AI score0.01706EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2021/11/10 9:25 p.m.10 views

CVE-2020-23878

pdf2json v0.71 was discovered to contain a stack buffer overflow in the component XRef::fetch...

9.8AI score0.01706EPSS
Exploits1References2
CVE
CVE
added 2021/02/10 9:10 a.m.72 views

CVE-2021-23878

CVE-2021-23878 affects McAfee Endpoint Security for Windows prior to 10.7.0 (Feb 2021 Update). The issue is clear-text storage of sensitive information in memory, enabling a local user to view ENS settings and credentials by reading process memory shortly after an administrator applies a configur...

7.3CVSS5.9AI score0.00616EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder