Lucene search
K

891 matches found

CVE
CVE
added 2025/10/27 7:6 p.m.31 views

CVE-2025-53533

CVE-2025-53533 affects Pi-hole Admin Interface ≤ 6.2.1. It is a reflected XSS in the 404 page caused by including the requested path in the body tag’s class attribute without proper sanitization, enabling an attacker to craft a link with an onload attribute that executes arbitrary JavaScript in a...

6.1CVSS5.8AI score0.00564EPSS
Exploits2References1Affected Software1
OSV
OSV
added 2025/10/27 7:6 p.m.5 views

CVE-2025-53533 Pi-hole Admin Interface vulnerable to cross-site scripting via malformed URL path on 404 error page

Pi-hole Admin Interface is a web interface for managing Pi-hole, a network-level advertisement and internet tracker blocking application. Pi-hole Admin Interface versions 6.2.1 and earlier are vulnerable to reflected cross-site scripting XSS via a malformed URL path. The 404 error page includes t...

5.1CVSS6.3AI score0.00564EPSS
Exploits2References3
Positive Technologies
Positive Technologies
added 2025/10/25 12:0 a.m.5 views

PT-2025-44019

Name of the Vulnerable Software and Affected Versions Pi-hole Admin Interface versions 6.2.1 and earlier Description The Pi-hole Admin Interface, a web interface for managing the Pi-hole network-level advertisement and internet tracker blocking application, is susceptible to reflected cross-site...

7.5CVSS6.3AI score0.00564EPSS
Exploits2References7
Patchstack
Patchstack
added 2025/10/13 6:43 a.m.7 views

WordPress Custom 404 Pro plugin <= 3.12.0 - Authenticated (Administrator+) SQL Injection via `path` Parameter vulnerability

Authenticated Administrator+ SQL Injection via path Parameter vulnerability discovered by jamaal in WordPress Plugin Custom 404 Pro versions = 3.12.0...

4.9CVSS7.9AI score0.00276EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2025/10/12 10:5 a.m.12 views

CVE-2025-9947

The Custom 404 Pro plugin for WordPress is vulnerable to time-based SQL Injection via the ‘path’ parameter in all versions up to, and including, 3.12.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible...

4.9CVSS6.6AI score0.00276EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/11 12:30 p.m.4 views

EUVD-2025-33841

The Custom 404 Pro plugin for WordPress is vulnerable to time-based SQL Injection via the ‘path’ parameter in all versions up to, and including, 3.12.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible...

4.9CVSS6.1AI score0.00276EPSS
Exploits0References3
NVD
NVD
added 2025/10/11 10:15 a.m.6 views

CVE-2025-9947

The Custom 404 Pro plugin for WordPress is vulnerable to time-based SQL Injection via the ‘path’ parameter in all versions up to, and including, 3.12.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible...

4.9CVSS0.00276EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/10/11 9:28 a.m.5 views

CVE-2025-9947 Custom 404 Pro <= 3.12.0 - Authenticated (Administrator+) SQL Injection via `path` Parameter

The Custom 404 Pro plugin for WordPress is vulnerable to time-based SQL Injection via the ‘path’ parameter in all versions up to, and including, 3.12.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible...

4.9CVSS6.2AI score0.00276EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/10/11 9:28 a.m.12 views

CVE-2025-9947 Custom 404 Pro <= 3.12.0 - Authenticated (Administrator+) SQL Injection via `path` Parameter

The Custom 404 Pro plugin for WordPress is vulnerable to time-based SQL Injection via the ‘path’ parameter in all versions up to, and including, 3.12.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible...

4.9CVSS0.00276EPSS
Exploits0References2
CVE
CVE
added 2025/10/11 9:28 a.m.21 views

CVE-2025-9947

CVE-2025-9947 affects the WordPress plugin Custom 404 Pro . All versions up to 3.12.0 are vulnerable to a time-based SQL Injection via the path parameter due to insufficient escaping and query preparation. An authenticated attacker with Administrator+ privileges can append SQL statements to exist...

4.9CVSS6.2AI score0.00276EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/10/11 12:0 a.m.4 views

WordPress plugin Custom 404 Pro SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A SQL injectio...

4.9CVSS7.6AI score0.00276EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/10/11 12:0 a.m.7 views

PT-2025-41682

Name of the Vulnerable Software and Affected Versions Custom 404 Pro plugin for WordPress versions prior to 3.13.0 Description The Custom 404 Pro plugin for WordPress is susceptible to time-based SQL Injection through the path parameter. This is due to inadequate input sanitization and insufficie...

4.9CVSS7AI score0.00276EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.14 views

EUVD-2002-2225

Malware in sbrugna...

4.3CVSS6.4AI score0.01499EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2021-21468

Malware in sbrugna...

6.1CVSS6.3AI score0.00816EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2005-3423

Malware in sbrugna...

4.3CVSS6.1AI score0.01437EPSS
Exploits0References11
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2008-2419

Malware in sbrugna...

10CVSS6.4AI score0.01575EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2019-2238

Malware in sbrugna...

6.1CVSS6.3AI score0.01229EPSS
Exploits2References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2019-6755

Malware in sbrugna...

6.1CVSS6.3AI score0.0095EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-0021

Malware in sbrugna...

6.1CVSS6.1AI score0.02003EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2019-0440

Malware in sbrugna...

5.3CVSS6.4AI score0.05782EPSS
Exploits0References31
Rows per page
Query Builder