13 matches found
CVE-2024-29926
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in HasThemes WC Builder allows Stored XSS.This issue affects WC Builder: from n/a through 1.0.18...
CVE-2025-29926
creationtimestamp| type| source ---|---|--- 2025-03-19 19:06:23+00:00| seen| https://infosec.exchange/users/cR0w/statuses/114190659236671973 2025-03-19 20:00:51+00:00| published-proof-of-concept| Telegram/pKc-k4S4UpucBi-A8jZui2WxqHw-KLQAnPldAvhIPnjHqVQ 2025-03-19 20:29:48+00:00| seen|...
CVE-2025-29926 The WikiManager REST API allows any user to create wikis
XWiki Platform is a generic wiki platform. Prior to 15.10.15, 16.4.6, and 16.10.0, any user can exploit the WikiManager REST API to create a new wiki, where the user could become an administrator and so performs other attacks on the farm. Note that this REST API is not bundled in XWiki Standard b...
CVE-2025-29926 The WikiManager REST API allows any user to create wikis
XWiki Platform is a generic wiki platform. Prior to 15.10.15, 16.4.6, and 16.10.0, any user can exploit the WikiManager REST API to create a new wiki, where the user could become an administrator and so performs other attacks on the farm. Note that this REST API is not bundled in XWiki Standard b...
ipa security update
4.6.8-5.0.1.el79.17 - Blank out header-logo.png product-name.png - Replace login-screen-logo.png Orabug: 20362818 4.6.8-5.el79.17 - Resolves: RHEL-29926 ipa: user can obtain a hash of the passwords of all domain users and perform offline brute force...
CVE-2024-29926 WordPress WC Builder plugin <= 1.0.18 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in HasThemes WC Builder allows Stored XSS.This issue affects WC Builder: from n/a through 1.0.18...
CVE-2024-29926 WordPress WC Builder plugin <= 1.0.18 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in HasThemes WC Builder allows Stored XSS.This issue affects WC Builder: from n/a through 1.0.18...
WordPress WC Builder Plugin <= 1.0.18 is vulnerable to Cross Site Scripting (XSS)
Software WC Builder Type Plugin Vulnerable versions = 1.0.18 Fixed in 1.0.19 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-29926 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID a04b14c5f16a Credits LVT-tholv2k Required privilege Contributo...
CVE-2023-29926
creationtimestamp| type| source ---|---|--- 2023-04-20 18:30:55+00:00| seen| https://t.me/cibsecurity/62527...
CVE-2023-29926
PowerJob V4.3.2 has unauthorized interface that causes remote code execution...
CVE-2023-29926
PowerJob V4.3.2 has unauthorized interface that causes remote code execution...
CVE-2023-29926
Summary: CVE-2023-29926 affects PowerJob v4.3.2 and is associated with an unauthorized interface that enables remote code execution. The connected documents corroborate that the vulnerability stems from this interface and imply high impact (RCE) with network attack vector and no user interaction....
CVE-2022-29926
CVE-2022-29926 is rejected/not used; this CVE ID does not represent an active vulnerability entry.