Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

88 matches found

Vulnrichment
Vulnrichmentadded 2025/09/10 4:3 p.m.2 views

CVE-2025-59035 Indico vulnerable to Cross-Site Scripting via LaTeX math code

Indico is an event management system that uses Flask-Multipass, a multi-backend authentication system for Flask. Prior to version 3.3.8, there is a Cross-Site-Scripting vulnerability when rendering LaTeX math code in contribution or abstract descriptions. Users should to update to Indico 3.3.8 as...

4.6CVSS6.9AI score0.00189EPSS
Exploits0References2
OSV
OSVadded 2025/09/10 4:3 p.m.4 views

CVE-2025-59035 Indico vulnerable to Cross-Site Scripting via LaTeX math code

Indico is an event management system that uses Flask-Multipass, a multi-backend authentication system for Flask. Prior to version 3.3.8, there is a Cross-Site-Scripting vulnerability when rendering LaTeX math code in contribution or abstract descriptions. Users should to update to Indico 3.3.8 as...

4.6CVSS7AI score0.00189EPSS
Exploits0References4
Positive Technologies
Positive Technologiesadded 2025/09/10 12:0 a.m.4 views

PT-2025-37075

Name of the Vulnerable Software and Affected Versions: Indico versions prior to 3.3.8 Description: Indico is an event management system that uses Flask-Multipass, a multi-backend authentication system for Flask. A Cross-Site-Scripting issue exists when rendering LaTeX math code in contribution or...

4.6CVSS6.7AI score0.00189EPSS
Exploits0References8
Patchstack
Patchstackadded 2025/09/03 12:59 p.m.4 views

WordPress WP Abstracts plugin <= 2.7.4 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by timomangcut Patchstack Alliance in WordPress Plugin WP Abstracts versions = 2.7.4...

7.5CVSS7AI score0.0037EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVEadded 2025/05/23 7:21 a.m.8 views

CVE-2024-44045

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Kevon Adonis WP Abstracts wp-abstracts-manuscripts-manager allows Stored XSS.This issue affects WP Abstracts: from n/a through = 2.6.5...

5.9CVSS5.9AI score0.00287EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/05/23 7:6 a.m.7 views

CVE-2024-12385

The WP Abstracts plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.7.2. This is due to missing nonce validation on the wpabstractsloadstatus and wpabstractsdeleteabstracts functions. This makes it possible for unauthenticated attackers to...

6.1CVSS6.4AI score0.00193EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/05/23 6:18 a.m.2 views

CVE-2024-50411

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Kevon Adonis WP Abstracts wp-abstracts-manuscripts-manager allows Stored XSS.This issue affects WP Abstracts: from n/a through = 2.7.1...

5.9CVSS5.9AI score0.00255EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/05/23 5:3 a.m.6 views

CVE-2023-36517

Cross-Site Request Forgery CSRF vulnerability in Kevon Adonis WP Abstracts plugin = 2.6.2 versions...

8.8CVSS7.1AI score0.00214EPSS
Exploits0
RedhatCVE
RedhatCVEadded 2025/05/23 4:50 a.m.4 views

CVE-2023-28692

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Kevon Adonis WP Abstracts plugin = 2.6.3 versions...

5.9CVSS5.6AI score0.00402EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2025/04/11 5:41 p.m.2 views

CVE-2025-32591

Cross-Site Request Forgery CSRF vulnerability in Kevon Adonis WP Abstracts wp-abstracts-manuscripts-manager allows Cross Site Request Forgery.This issue affects WP Abstracts: from n/a through = 2.7.5...

7.1CVSS7.2AI score0.00158EPSS
Exploits0References1
NVD
NVDadded 2025/04/09 5:15 p.m.6 views

CVE-2025-32591

Cross-Site Request Forgery CSRF vulnerability in Kevon Adonis WP Abstracts wp-abstracts-manuscripts-manager allows Cross Site Request Forgery.This issue affects WP Abstracts: from n/a through = 2.7.5...

7.1CVSS0.00158EPSS
Exploits0References1
Cvelist
Cvelistadded 2025/04/09 4:9 p.m.11 views

CVE-2025-32591 WordPress WP Abstracts Plugin <= 2.7.5 - CSRF to Stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in Kevon Adonis WP Abstracts wp-abstracts-manuscripts-manager allows Cross Site Request Forgery.This issue affects WP Abstracts: from n/a through = 2.7.5...

7.1CVSS0.00158EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2025/04/09 4:9 p.m.3 views

CVE-2025-32591 WordPress WP Abstracts Plugin <= 2.7.4 - CSRF to Stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in Kevon Adonis WP Abstracts allows Cross Site Request Forgery. This issue affects WP Abstracts: from n/a through 2.7.4...

7.1CVSS6.9AI score0.00158EPSS
Exploits0References1
CVE
CVEadded 2025/04/09 4:9 p.m.56 views

CVE-2025-32591

CVE-2025-32591 describes a Cross-Site Request Forgery (CSRF) vulnerability in the WordPress plugin WP Abstracts (Kevon Adonis). Affected: WP Abstracts versions up to 2.7.4 (from n/a). CVSS 3.1 base score 7.1 (HIGH): Network attack vector, Low confidentiality/integrity/availability impact, UI requ...

7.1CVSS7.2AI score0.00158EPSS
Exploits0References1
Patchstack
Patchstackadded 2025/04/09 3:45 p.m.3 views

WordPress WP Abstracts Plugin <= 2.7.5 - CSRF to Stored XSS vulnerability

CSRF to Stored XSS vulnerability discovered by Abdi Pranata in WordPress Plugin WP Abstracts versions = 2.7.5...

7.1CVSS7.5AI score0.00158EPSS
Exploits0Affected Software1
CNNVD
CNNVDadded 2025/04/09 12:0 a.m.1 views

WordPress plugin WP Abstracts 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...

7.1CVSS7.3AI score0.00158EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/02/14 11:29 a.m.8 views

CVE-2024-12386

The WP Abstracts plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.7.3. This is due to missing nonce validation on multiple functions. This makes it possible for unauthenticated attackers to delete arbitrary accounts via a forged request...

8.1CVSS9.1AI score0.00204EPSS
Exploits0References1
NVD
NVDadded 2025/02/12 12:15 p.m.12 views

CVE-2024-12386

The WP Abstracts plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.7.3. This is due to missing nonce validation on multiple functions. This makes it possible for unauthenticated attackers to delete arbitrary accounts via a forged request...

8.1CVSS0.00204EPSS
Exploits0References3
Vulnrichment
Vulnrichmentadded 2025/02/12 11:11 a.m.10 views

CVE-2024-12386 WP Abstracts <= 2.7.3 - Cross-Site Request Forgery to Arbitrary Account Deletion

The WP Abstracts plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.7.3. This is due to missing nonce validation on multiple functions. This makes it possible for unauthenticated attackers to delete arbitrary accounts via a forged request...

8.1CVSS7.8AI score0.00204EPSS
Exploits0References3
Cvelist
Cvelistadded 2025/02/12 11:11 a.m.13 views

CVE-2024-12386 WP Abstracts <= 2.7.3 - Cross-Site Request Forgery to Arbitrary Account Deletion

The WP Abstracts plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.7.3. This is due to missing nonce validation on multiple functions. This makes it possible for unauthenticated attackers to delete arbitrary accounts via a forged request...

8.1CVSS0.00204EPSS
Exploits0References3
Rows per page
Query Builder