18 matches found
CVE-2026-32542
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThemeFusion Fusion Builder fusion-builder allows Reflected XSS.This issue affects Fusion Builder: from n/a through 3.15.0...
CVE-2026-32542
creationtimestamp| type| source ---|---|--- 2026-03-25 16:17:08+00:00| seen| https://www.incibe.es/incibe-cert/alerta-temprana/vulnerabilidades/cve-2026-32542...
CVE-2026-32542
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThemeFusion Fusion Builder fusion-builder allows Reflected XSS.This issue affects Fusion Builder: from n/a through 3.15.0...
CVE-2025-32542
creationtimestamp| type| source ---|---|--- 2025-04-11 11:48:34+00:00| seen| https://mastodon.social/users/CyberSignaler/statuses/114319170754326245...
CVE-2025-32542
CVE-2025-32542 is a Missing Authorization vulnerability in the WordPress Eazy Plugin Manager, affecting versions up to 4.3.0. The connected Wordfence data indicates an unauthorized access weakness due to misconfigured access controls, with a high impact (CVE-2015-32542 CVSS 3.1: 8.8, HIGH) and Ne...
CVE-2025-32542 WordPress Eazy Plugin Manager plugin <= 4.3.0 - Broken Access Control vulnerability
Missing Authorization vulnerability in EazyPlugins Eazy Plugin Manager allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Eazy Plugin Manager: from n/a through 4.3.0...
WordPress Eazy Plugin Manager plugin <= 4.3.0 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Aiden in WordPress Plugin Eazy Plugin Manager versions = 4.3.0...
git-lfs security update
3.2.0-3 - Rebuild with new Golang - Resolves: RHEL-32542...
CVE-2024-32542
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Organic Themes Bulk Block Converter allows Reflected XSS.This issue affects Bulk Block Converter: from n/a through 1.0.1...
CVE-2024-32542 WordPress Bulk Block Converter plugin <= 1.0.1 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Organic Themes Bulk Block Converter allows Reflected XSS.This issue affects Bulk Block Converter: from n/a through 1.0.1...
CVE-2024-32542
CVE-2024-32542 affects Bulk Block Converter (WordPress). Root cause: improper input neutralization during web page generation, enabling reflected XSS. Affected versions: from n/a through 1.0.1. Remediation: patch status listed as Unpatched in the provided docs.
WordPress Bulk Block Converter Plugin <= 1.0.1 is vulnerable to Cross Site Scripting (XSS)
Software Bulk Block Converter Type Plugin Vulnerable versions = 1.0.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-32542 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 805efd09a347 Credits Dimas Maulana Required...
CVE-2023-32542
creationtimestamp| type| source ---|---|--- 2023-06-19 12:30:25+00:00| seen| https://t.me/cibsecurity/65332...
CVE-2023-32542
Out-of-bounds read vulnerability exists in TELLUS v4.0.15.0 and TELLUS Lite v4.0.15.0. Opening a specially crafted V8 file may lead to information disclosure and/or arbitrary code execution...
CVE-2023-32542
CVE-2023-32542 affects Fuji Electric TELLUS and TELLUS Lite v4.0.15.0, with an out-of-bounds read when opening specially crafted V8 files, potentially enabling information disclosure and/or arbitrary code execution. The CVE is documented across multiple feeds (NVD, RH, CNVD, JVN, etc.). A concret...
CVE-2021-32542
The parameters of the specific functions in the CTS Web trading system do not filter special characters, which allows unauthenticated attackers can remotely perform reflected XSS and obtain the users’ connection token that triggered the attack...
CVE-2021-32542 SysJust CTS Web - Reflected XSS
The parameters of the specific functions in the CTS Web trading system do not filter special characters, which allows unauthenticated attackers can remotely perform reflected XSS and obtain the users’ connection token that triggered the attack...
CVE-2021-32542
CVE-2021-32542 pertains to CTS Web trading system where the parameters of certain functions do not filter special characters, enabling unauthenticated attackers to perform reflected XSS and obtain the user’s connection token that triggered the attack. The affected component is the CTS Web trading...