Lucene search
K

13 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-10613

Malicious code in bioql PyPI...

5.9CVSS6.9AI score0.00347EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/04/11 6:9 p.m.13 views

CVE-2025-32493

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in VibeThemes BP Social Connect bp-social-connect allows Stored XSS.This issue affects BP Social Connect: from n/a through = 1.6.2...

5.9CVSS7.2AI score0.00347EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/04/09 5:29 p.m.7 views

WordPress BP Social Connect plugin <= 1.6.2 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by Nabil Irawan in WordPress Plugin BP Social Connect versions = 1.6.2...

5.9CVSS7.1AI score0.00347EPSS
Exploits0Affected Software1
NVD
NVD
added 2025/04/09 5:15 p.m.20 views

CVE-2025-32493

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in VibeThemes BP Social Connect bp-social-connect allows Stored XSS.This issue affects BP Social Connect: from n/a through = 1.6.2...

5.9CVSS0.00347EPSS
Exploits0References1
CVE
CVE
added 2025/04/09 4:9 p.m.55 views

CVE-2025-32493

CVE-2025-32493 is a stored XSS vulnerability in the WordPress plugin BP Social Connect (affected: up to version 1.6.2). The connected Wordfence entry indicates an authenticated (Administrator+) Stored Cross‑Site Scripting flaw in BP Social Connect

5.9CVSS7.2AI score0.00347EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/04/09 4:9 p.m.23 views

CVE-2025-32493 WordPress BP Social Connect plugin <= 1.6.2 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in VibeThemes BP Social Connect bp-social-connect allows Stored XSS.This issue affects BP Social Connect: from n/a through = 1.6.2...

5.9CVSS0.00347EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/04/09 4:9 p.m.6 views

CVE-2025-32493 WordPress BP Social Connect <= 1.6.2 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in VibeThemes BP Social Connect allows Stored XSS. This issue affects BP Social Connect: from n/a through 1.6.2...

5.9CVSS5.7AI score0.00347EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/04/09 12:0 a.m.4 views

PT-2025-15772 · Vibethemes · Vibethemes Bp Social Connect

Name of the Vulnerable Software and Affected Versions: VibeThemes BP Social Connect versions 1.6.2 and earlier Description: The issue is related to improper neutralization of input during web page generation, which allows for Stored XSS attacks. This means that an attacker can inject malicious...

5.9CVSS6.2AI score0.00347EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/04/09 12:0 a.m.5 views

WordPress plugin BP Social Connect 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

5.9CVSS6.1AI score0.00347EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2023/05/19 3:15 a.m.2 views

CVE-2023-2704

The BP Social Connect plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 1.5. This is due to insufficient verification on the user being supplied during a Facebook login through the plugin. This makes it possible for unauthenticated attackers to log in a...

9.8CVSS7.2AI score0.01623EPSS
Exploits1References6
CVE
CVE
added 2023/05/19 2:3 a.m.66 views

CVE-2023-2704

CVE-2023-2704 affects BP Social Connect for WordPress (versions up to and including 1.5) with an authentication bypass due to insufficient verification during Facebook login, enabling unauthenticated login as existing users (e.g., admin) if the attacker has the email. Wordfence notes the vulnerab...

9.8CVSS9.5AI score0.01623EPSS
Exploits1References5Affected Software1
CNNVD
CNNVD
added 2023/05/19 12:0 a.m.4 views

WordPress Plugin BP Social Connect 访问控制错误漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...

9.8CVSS8.4AI score0.01623EPSS
Exploits1References6
Patchstack
Patchstack
added 2023/05/18 12:0 a.m.12 views

WordPress BP Social Connect Plugin <= 1.5 is vulnerable to Broken Access Control

Software BP Social Connect Type Plugin Vulnerable versions = 1.5 Fixed in 1.6.2 OWASP Top 10 A2: Broken Authentication Classification Broken Access Control CVE CVE-2023-2704 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID 7c30551eab88 Credits Lana Codes Required privileg...

9.8CVSS6.5AI score0.01623EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder