CVE-2026-4655

creationtimestamp| type| source ---|---|--- 2026-05-08 05:33:07+00:00| seen| https://bsky.app/profile/atomicedge.bsky.social/post/3mlcyxo2xdw2i...

CVE-2026-4655

The CVE concerns the WordPress plugin Element Pack Addons for Elementor (SVG Image Widget) up to version 8.4.2. Root cause: render_svg() fetches SVG content from remote URLs using wp_safe_remote_get() and echoes it without proper sanitization beyond a regex that only adds attributes to the SVG ta...

CVE-2025-4655

creationtimestamp| type| source ---|---|--- 2025-08-09 07:36:30+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lvxazuya6l2p...

CVE-2022-4655

The Welcart e-Commerce WordPress plugin before 2.8.9 does not validate and escapes one of its shortcode attributes, which could allow users with a role as low as a contributor to perform a Stored Cross-Site Scripting attack...

Novell EDirectory DHOST Predictable Session Cookie

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Novell eDirectory DHOST Predictable Session Cookie', 'Description' = %q This module is able to predict the next session cookie value issued by th...

CVE-2024-4655

creationtimestamp| type| source ---|---|--- 2024-07-11 08:42:00+00:00| seen| https://t.me/cvedetector/634...

CVE-2024-4655 Ultimate Blocks < 3.1.9 - Contributor+ Stored XSS

The Ultimate Blocks WordPress plugin before 3.1.9 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

CVE-2024-4655 Ultimate Blocks < 3.1.9 - Contributor+ Stored XSS

The Ultimate Blocks WordPress plugin before 3.1.9 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

CGA-5MWM-V7J4-4655

Bulletin has no description...

RHEL 8 : redhat-ds:11 (RHSA-2023:4655)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:4655 advisory. Red Hat Directory Server is an LDAPv3-compliant directory server. The suite of packages includes the Lightweight Directory Access Protocol LDAP serve...

CVE-2019-4655

creationtimestamp| type| source ---|---|--- 2024-03-19 07:01:46+00:00| seen| https://t.me/ctinow/211196...

CVE-2013-4655

creationtimestamp| type| source ---|---|--- 2024-02-13 13:31:16+00:00| seen| https://t.me/ctinow/183799...

SUSE: Security Advisory (SUSE-SU-2023:4655-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2018-4655

Rejected reason: This candidate is unused by its CNA...

CVE-2023-4655

creationtimestamp| type| source ---|---|--- 2023-08-31 07:12:47+00:00| seen| https://t.me/cibsecurity/69505...

CVE-2023-4655 Cross-site Scripting (XSS) - Reflected in instantsoft/icms2

Cross-site Scripting XSS - Reflected in GitHub repository instantsoft/icms2 prior to 2.16.1...

CVE-2023-4655 Cross-site Scripting (XSS) - Reflected in instantsoft/icms2

Cross-site Scripting XSS - Reflected in GitHub repository instantsoft/icms2 prior to 2.16.1...

CVE-2023-4655

CVE-2023-4655 affects instantsoft/icms2 prior to 2.16.1, described as a reflected Cross-site Scripting (XSS) in the web UI. The vulnerability arises from input that is echoed in responses, enabling script execution in a user’s browser. No explicit exploitation status is provided in the initial/co...

XWiki 4.2-milestone-3 < 13.10.11, 14.0-rc-1 < 14.4.7, 14.5 < 14.10 Code Injection Vulnerability (GHSA-4655-wh7v-3vmg)

Xwiki is prone to a code injection vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:xwiki:xwiki"; ifdescription...

CVE-2022-4655

creationtimestamp| type| source ---|---|--- 2023-01-16 18:30:12+00:00| seen| https://t.me/cibsecurity/56557 2025-04-04 18:36:23+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/10527...