Lucene search
K

5868 matches found

Nuclei
Nuclei
added yesterday27 views

mTheme Unus < 2.3 - Directory Traversal

The mTheme-Unus theme for WordPress, prior to version 2.3, contained a directory traversal flaw that let attackers access arbitrary files. This was possible by exploiting the files parameter in css/css.php with .. sequences. id: CVE-2015-9406 info: name: mTheme Unus 2.3 - Directory Traversal...

7.5CVSS7.1AI score0.55008EPSS
Exploits1References4
Nuclei
Nuclei
added yesterday21 views

FlipperCode Custom CSS, JS & PHP <= 2.0.7 - Remote Code Execution

Custom css-js-php WordPress plugin through 2.0.7 contains a command injection caused by unsanitized user input used in SQL query and passed to eval, letting unauthenticated attackers execute arbitrary PHP code on the server. id: CVE-2026-6433 info: name: FlipperCode Custom CSS, JS & PHP = 2.0.7 -...

7.3CVSS7.3AI score0.00753EPSS
Exploits3References4
Nuclei
Nuclei
added yesterday21 views

tagDiv Composer < 4.2 - Stored Cross-Site Scripting

tagDiv Composer plugin versions before 4.2 for WordPress are vulnerable to unauthenticated stored XSS via the /wp-json/tdw/savecss endpoint. An attacker can inject malicious JavaScript code through the compiledcss parameter, which gets stored and executed when the CSS is loaded. id: CVE-2023-3169...

6.1CVSS6.8AI score0.01582EPSS
Exploits2References2
CVE
CVE
added yesterday10 views

CVE-2026-44767

The CVE-2026-44767 issue arises from setThemeRoot() not enforcing the sap-allowed-theme-origins allowlist, allowing an attacker-controlled absolute cross-origin URL to be stored and used in a element even without a sap-allowed-theme-origins meta tag. The same bypass is reachable via the ?sap-the...

6.1CVSS6.2AI score0.00181EPSS
Exploits0References2
Cvelist
Cvelist
added yesterday9 views

CVE-2026-44767 Allowlist Bypass in setThemeRoot() Enables Cross-Origin CSS Injection

setThemeRoot failed to enforce the sap-allowed-theme-origins allowlist. An attacker-controlled absolute cross-origin URL could be stored and used directly to construct a element, even when no tag was present in the document. The same bypass was reachable via the ?sap-themeRoot URL...

6.1CVSS0.00181EPSS
Exploits0References2
EUVD
EUVD
added yesterday6 views

EUVD-2026-43597

setThemeRoot failed to enforce the sap-allowed-theme-origins allowlist. An attacker-controlled absolute cross-origin URL could be stored and used directly to construct a element, even when no tag was present in the document. The same bypass was reachable via the ?sap-themeRoot URL...

6.1CVSS6.2AI score0.00181EPSS
Exploits0References2
NVD
NVD
added 4 days ago7 views

CVE-2026-9738

The Print, PDF, Email by PrintFriendly plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'contentpositioncss' parameter in all versions up to, and including, 5.5.10 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...

4.4CVSS0.00208EPSS
Exploits0References8
EUVD
EUVD
added 4 days ago6 views

EUVD-2026-43136

The Print, PDF, Email by PrintFriendly plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'contentpositioncss' parameter in all versions up to, and including, 5.5.10 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...

4.4CVSS6.2AI score0.00208EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 4 days ago11 views

PT-2026-57402

Name of the Vulnerable Software and Affected Versions Print, PDF, Email by PrintFriendly for WordPress versions prior to 5.5.11 Description Stored Cross-Site Scripting occurs due to insufficient input sanitization and output escaping. Authenticated attackers with administrator-level access and...

4.4CVSS6.2AI score0.00208EPSS
Exploits0References11
Snyk
Snyk
added 5 days ago3 views

Cross-site Scripting (XSS)

Overview snipe/snipe-it is an asset management system built on Laravel. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the headercolor setting in the branding configuration. An attacker with superadmin privileges can inject arbitrary CSS that impacts authenticate...

8.1CVSS6.1AI score0.00389EPSS
Exploits0References2
NVD
NVD
added 5 days ago6 views

CVE-2026-55481

Snipe-IT is an IT asset/license management system. Prior to 8.6.2, default.blade.php renders headercolor and related branding color settings inside a CSS style block with HTML escaping that is insufficient for the CSS context, allowing a superadmin to inject arbitrary CSS that affects authenticat...

6.2CVSS0.00389EPSS
Exploits0References4
CVE
CVE
added 5 days ago8 views

CVE-2026-55481

Snipe-IT (IT asset/license management) prior to 8.6.2 is affected by a CSS injection vulnerability in default.blade.php: header_color and related branding color settings are rendered inside a CSS style block with insufficient HTML escaping for the CSS context. This allows a superadmin to inject a...

6.2CVSS6.2AI score0.00389EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 5 days ago35 views

CVE-2026-55481 Snipe-IT: CSS Injection via `header_color` Setting

Snipe-IT is an IT asset/license management system. Prior to 8.6.2, default.blade.php renders headercolor and related branding color settings inside a CSS style block with HTML escaping that is insufficient for the CSS context, allowing a superadmin to inject arbitrary CSS that affects authenticat...

6.2CVSS0.00389EPSS
Exploits0References4
EUVD
EUVD
added 5 days ago6 views

EUVD-2026-39123

SiYuan: Stored XSS to RCE via CSS-snippet breakout in renderSnippet...

9.9CVSS6.1AI score0.00307EPSS
Exploits0References2
NVD
NVD
added 5 days ago7 views

CVE-2026-59791

In JetBrains YouTrack before 2026.2.17012 cSS injection via Mermaid diagram rendering was possible...

3.5CVSS0.00135EPSS
Exploits0References1
Cvelist
Cvelist
added 5 days ago29 views

CVE-2026-59791

In JetBrains YouTrack before 2026.2.17012 cSS injection via Mermaid diagram rendering was possible...

3.5CVSS0.00135EPSS
Exploits0References1
NVD
NVD
added 5 days ago8 views

CVE-2026-13347

The Hide My WP Lite plugin for WordPress is vulnerable to Arbitrary File Read in versions up to and including 1.3 via the hewrapperjs and hewrappercss query parameters processed by the elementorassetsfilter function. This is due to the function concatenating user-supplied input directly onto...

7.5CVSS0.00512EPSS
Exploits0References3
CVE
CVE
added 5 days ago15 views

CVE-2026-13347

The CVE-2026-13347 entry documents an unauthenticated Arbitrary File Read in WordPress Hide My WP Lite (versions ≤ 1.3) via the he_wrapper_js and he_wrapper_css parameters. The vulnerability stems from elementor_assets_filter() concatenating user input onto ABSPATH and passing it to file_get_cont...

7.5CVSS6.1AI score0.00512EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 5 days ago9 views

CVE-2026-13347

The Hide My WP Lite plugin for WordPress is vulnerable to Arbitrary File Read in versions up to and including 1.3 via the hewrapperjs and hewrappercss query parameters processed by the elementorassetsfilter function. This is due to the function concatenating user-supplied input directly onto...

7.5CVSS6.1AI score0.00512EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 6 days ago8 views

Soup Sieve: Regular Expression Denial of Service (ReDoS) via Selector Parser

Summary The CSS selector parser in soupsieve the CSS selector engine for Beautiful Soup 4 contains a regular expression vulnerable to catastrophic backtracking. When processing an attribute selector with an unterminated quoted value, the VALUE regex pattern in cssparser.py enters exponential...

7.5CVSS5.9AI score
Exploits0References2Affected Software1
Rows per page
Query Builder