353 matches found
CVE-2024-54287
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Best WP Developer Advanced Blog Post Block advanced-blog-post-block allows Stored XSS.This issue affects Advanced Blog Post Block: from n/a through = 1.0.4...
CVE-2024-54287 WordPress Advanced Blog Post Block plugin <= 1.0.4 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Best WP Developer Advanced Blog Post Block advanced-blog-post-block allows Stored XSS.This issue affects Advanced Blog Post Block: from n/a through = 1.0.4...
CVE-2024-54287
CVE-2024-54287 describes an Authenticated Stored Cross‑Site Scripting (XSS) in the WordPress plugin Advanced Blog Post Block (block named “Advanced Blog Post Block”). Affected are versions up to and including 1.0.4 (listed as affected “from n/a through 1.0.4”). Exact root cause details are not pr...
WordPress plugin Advanced Blog Post Block 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in...
WordPress Advanced Blog Post Block plugin <= 1.0.4 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Gab Patchstack Alliance in WordPress Plugin Advanced Blog Post Block versions = 1.0.4...
Artifact poisoning vulnerability in action-download-artifact v5 and earlier
Summary In versions of dawidd6/action-download-artifact before v6, a repository's forks were also searched by default when attempting to find matching artifacts. This could be exploited by an unprivileged attacker to introduce compromised artifacts such as malicious executables into a privileged...
CVE-2024-50523
creationtimestamp| type| source ---|---|--- 2024-11-04 16:06:56+00:00| seen| https://t.me/cvedetector/9747 2026-04-01 18:40:09+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mihdowq4lc2u...
Exploit for OS Command Injection in Cyberpanel
CyberPanel Command Injection Vulnerability - CVE-2024-51378...
CVE-2024-50442
creationtimestamp| type| source ---|---|--- 2024-10-28 13:39:04+00:00| seen| https://t.me/cvedetector/9103 2026-04-04 15:40:09+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3miokztfltn23...
baserCMS 跨站脚本漏洞
baserCMS is an enterprise-level content management system CMS from the baserCMS team. A cross-site scripting vulnerability exists in baserCMS versions prior to 5.1.2, which stems from a cross-site scripting vulnerability in the blog post feature...
baserCMS 跨站脚本漏洞
baserCMS is an enterprise-level content management system CMS from the baserCMS team. A cross-site scripting vulnerability exists in baserCMS versions prior to 5.1.2, which stems from a cross-site scripting vulnerability in the blog post and content list functionality...
CVE-2024-47634
creationtimestamp| type| source ---|---|--- 2024-10-20 14:05:14+00:00| seen| https://t.me/cvedetector/8437 2026-04-02 02:00:14+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mii4bujvia2c...
CVE-2024-49329
creationtimestamp| type| source ---|---|--- 2024-10-20 12:24:33+00:00| seen| https://t.me/cvedetector/8411 2026-04-02 04:00:14+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3miicygng222u...
CVE-2024-49621
creationtimestamp| type| source ---|---|--- 2024-10-20 12:24:20+00:00| seen| https://t.me/cvedetector/8403 2026-04-03 07:20:09+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mil6msukal2f...
CVE-2024-49219
creationtimestamp| type| source ---|---|--- 2024-10-17 20:49:58+00:00| seen| https://t.me/cvedetector/8221 2026-04-03 09:00:14+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mile7sby3h2v...
Exploit for SQL Injection in Paloaltonetworks Expedition
CVE-2024-9465: Palo Alto Expedition Unauthenticated SQL Inject...
CVE-2023-36039
creationtimestamp| type| source ---|---|--- 2024-09-26 18:25:07+00:00| seen| https://www.thezdi.com/blog/2024/9/25/exploiting-exchange-powershell-after-proxynotshell-part-4-no-argument-constructor...
CVE-2024-38228
creationtimestamp| type| source ---|---|--- 2024-09-10 17:25:32+00:00| seen| https://www.thezdi.com/blog/2024/9/10/the-september-2024-security-update-review...
CVE-2024-38014
creationtimestamp| type| source ---|---|--- 2024-09-10 17:25:32+00:00| seen| https://www.thezdi.com/blog/2024/9/10/the-september-2024-security-update-review 2024-09-11 04:00:00+00:00| seen| https://www.govcert.gov.hk/en/alertsdetail.php?id=1368 2024-09-11 09:47:58+00:00| exploited|...
NIS bootparamd Domain Name Disclosure
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'NIS bootparamd Domain Name Disclosure', 'Description' = %q This module discloses the NIS domain name from bootparamd. You must know a client...