Lucene search
+L

579 matches found

redhatcve
redhatcve
added 2025/05/22 10:17 a.m.7 views

CVE-2019-2670

Vulnerability in the Oracle Marketing component of Oracle E-Business Suite subcomponent: Marketing Administration. Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6, 12.2.7 and 12.2.8. Easily exploitable vulnerability allows unauthenticated attacker...

4.7CVSS5.5AI score0.01043EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/22 6:24 a.m.8 views

CVE-2017-16892

In Bftpd before 4.7, there is a memory leak in the file rename function...

7.5CVSS6.8AI score0.01165EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/22 2:56 a.m.10 views

CVE-2012-1227

Multiple cross-site request forgery CSRF vulnerabilities in admin.php in pluck 4.7 allow remote attackers to hijack the authentication of admins for requests that 1 modify the admin email address or 2 modify the blog title via a settings action; 3 add a page via an editpage action, or 4 add a...

6.8CVSS7.6AI score0.00682EPSS
Exploits1References1
cve
cve
added 2025/04/17 3:46 p.m.49 views

CVE-2025-32674

CVE-2025-32674 is a Reflected XSS in the WordPress plugin WPFactory Product Excel Import Export & Bulk Edit for WooCommerce (

7.1CVSS7.2AI score0.00257EPSS
Exploits0References1
cvelist
cvelist
added 2025/04/17 3:46 p.m.18 views

CVE-2025-32674 WordPress Product Excel Import Export & Bulk Edit for WooCommerce plugin <= 4.7 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPFactory Product Excel Import Export & Bulk Edit for WooCommerce webd-woocommerce-product-excel-importer-bulk-edit allows Reflected XSS.This issue affects Product Excel Import Export & Bulk Edit f...

7.1CVSS0.00257EPSS
Exploits0References1
redhat
redhat
added 2025/04/15 8:29 p.m.19 views

Important: Red Hat Security Advisory: RHACS 4.7 security update

Updated images are now available for Red Hat Advanced Cluster Security for Kubernetes RHACS. The updated image includes security fixes. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a...

7.5CVSS6.7AI score0.01017EPSS
Exploits2References5
redhatcve
redhatcve
added 2025/04/05 2:25 p.m.8 views

CVE-2025-31905

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Mark O'Donnell Team Rosters team-rosters allows Reflected XSS.This issue affects Team Rosters: from n/a through = 4.7...

7.1CVSS7.2AI score0.00224EPSS
Exploits0References1
cve
cve
added 2025/04/03 1:27 p.m.49 views

CVE-2025-31905

CVE-2025-31905 is a Reflected XSS in the WordPress plugin Team Rosters (NotFound) affecting versions up to and including 4.7 . The issue is caused by improper input neutralization during web page generation. Exploitation status or exact payloads are not detailed in the provided documents. No reme...

7.1CVSS7.2AI score0.00224EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/03/29 12:2 p.m.15 views

CVE-2025-30867

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in SearchIQ SearchIQ searchiq allows Stored XSS.This issue affects SearchIQ: from n/a through = 4.7...

6.5CVSS7.2AI score0.00337EPSS
Exploits0References1
nvd
nvd
added 2025/03/27 11:15 a.m.23 views

CVE-2025-30867

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in SearchIQ SearchIQ searchiq allows Stored XSS.This issue affects SearchIQ: from n/a through = 4.7...

6.5CVSS0.00337EPSS
Exploits0References1
cvelist
cvelist
added 2025/03/19 11:10 a.m.13 views

CVE-2024-12920 FoodBakery | Delivery Restaurant Directory WordPress Theme <= 4.7 - Missing Authorization in Multiple Functions

The FoodBakery | Delivery Restaurant Directory WordPress Theme theme for WordPress is vulnerable to unauthorized access of data and modification of data due to a missing capability check on the foodbakeryvarbackupfiledelete, foodbakerywidgetfiledelete, themeoptionsave, exportwidgetsettings,...

8.8CVSS0.00381EPSS
Exploits0References2
osv
osv
added 2025/03/05 9:15 a.m.5 views

CVE-2024-13350

The SearchIQ – The Search Solution plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'siqsearchbox' shortcode in all versions up to, and including, 4.7 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible f...

5.4CVSS6AI score0.00223EPSS
Exploits0References3
cve
cve
added 2025/02/18 10:40 p.m.92 views

CVE-2025-26624

CVE-2025-26624 describes a DLL hijacking/local privilege escalation in Rufus. Affected: Rufus 4.6.2208 and earlier. Root cause: the launcher loads a malicious cfgmgr32.dll from the same directory via side-loading when the executable has elevated privileges. Impact: enables loading/execution of a ...

6.8CVSS6.9AI score0.00172EPSS
Exploits0References2
vulnrichment
vulnrichment
added 2025/02/18 10:40 p.m.7 views

CVE-2025-26624 Local Privilege Escalation in Rufus 4.6 and previous versions

Rufus is a utility that helps format and create bootable USB flash drives. A DLL hijacking vulnerability in Rufus 4.6.2208 and earlier versions allows an attacker loading and executing a malicious DLL with escalated privileges since the executable has been granted higher privileges during the tim...

6.8CVSS6.3AI score0.00172EPSS
Exploits0References2
osv
osv
added 2025/02/18 10:40 p.m.9 views

CVE-2025-26624 Local Privilege Escalation in Rufus 4.6 and previous versions

Rufus is a utility that helps format and create bootable USB flash drives. A DLL hijacking vulnerability in Rufus 4.6.2208 and earlier versions allows an attacker loading and executing a malicious DLL with escalated privileges since the executable has been granted higher privileges during the tim...

6.8CVSS6.7AI score0.00172EPSS
Exploits0References4
patchstack
patchstack
added 2025/02/10 10:35 p.m.7 views

WordPress WP Foodbakery plugin <= 4.7 - Authentication Bypass in foodbakery_parse_request vulnerability

Authentication Bypass in foodbakeryparserequest vulnerability discovered by Tonn in WordPress Plugin FoodBakery versions = 4.7...

9.8CVSS7AI score0.00596EPSS
Exploits0References1Affected Software1
redhatcve
redhatcve
added 2025/02/05 9:15 a.m.4 views

CVE-2024-56250

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Greg Ross Just Writing Statistics just-writing-statistics allows SQL Injection.This issue affects Just Writing Statistics: from n/a through = 4.7...

7.6CVSS7.3AI score0.00423EPSS
Exploits0References1
cnnvd
cnnvd
added 2025/01/30 12:0 a.m.7 views

WordPress plugin Team Rosters 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

6.1CVSS8.2AI score0.00317EPSS
Exploits0References3
cve
cve
added 2025/01/02 12:1 p.m.47 views

CVE-2024-56250

CVE-2024-56250 concerns the WordPress plugin Just Writing Statistics (vulnerable up to 4.7). The issue is described as an SQL Injection caused by improper neutralization of input in SQL commands, enabling attacker-controlled input to affect database queries. Public references (Red Hat and Wordfen...

7.6CVSS7.3AI score0.00423EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2025/01/02 12:0 a.m.7 views

PT-2025-3216 · Unknown · Gregross Just Writing Statistics

Name of the Vulnerable Software and Affected Versions: GregRoss Just Writing Statistics versions n/a through 4.7 Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection, which can...

7.6CVSS9.8AI score0.00423EPSS
Exploits0References5
Rows per page
Query Builder