Lucene search
K

106 matches found

OSV
OSV
added 2025/03/12 2:56 a.m.3 views

MAL-2025-2301 Malicious code in code-snippet-editor-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5a18fa3d11188e4b7891ebae39b972feeef16bdfe9a92659b7efc450374065e0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 1:42 a.m.9 views

CVE-2024-11816

The Ultimate WordPress Toolkit – WP Extended plugin for WordPress is vulnerable to Remote Code Execution in version 3.0.11. This is due to a missing capability check on the 'wpexthandlesnippetupdate' function. This makes it possible for authenticated attackers, with Subscriber-level access and...

8.8CVSS7.6AI score0.0074EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2024/09/09 12:0 a.m.15 views

CKEditor < 4.25.0-LTS Multiples Cross-Site Scripting

According to its self-reported version number, the CKEditor application running on the remote host is prior to 4.25.0-LTS or 4.22.x prior to 4.25.0-LTS. It is, therefore, affected by multiples Cross-Site-Scripting : - In CKEditor 4 Code Snippet GeSHi plugin. The vulnerability allowed a reflected...

6.1CVSS6.5AI score0.00424EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2024/08/22 12:0 a.m.78 views

CKEditor 4.x < 4.25.0 Multiple Vulnerabilities - Windows

CKEditor 4 is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:ckeditor:ckeditor"; ifdescriptio...

6.1CVSS5.4AI score0.00424EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2024/08/21 6:29 p.m.26 views

Code Snippet GeSHi plugin in CKEditor 4 has reflected cross-site scripting (XSS) vulnerability

Affected packages The vulnerability has been discovered in Code Snippet GeSHi plugin. All integrators that use GeSHi syntax highlighter on the backend side can be affected. Impact A potential vulnerability has been discovered in CKEditor 4 Code Snippet GeSHi plugin. The vulnerability allowed a...

6.1CVSS6.6AI score0.00424EPSS
Exploits0References5Affected Software2
OSV
OSV
added 2024/08/21 3:15 p.m.2 views

DEBIAN-CVE-2024-43407

CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A potential vulnerability has been discovered in CKEditor 4 Code Snippet GeSHi plugin. The vulnerability allowed a reflected XSS attack by exploiting a flaw in the GeSHi syntax highlighter library hosted by the victim. The GeSH...

6.1CVSS7.8AI score0.00424EPSS
Exploits0References1
OSV
OSV
added 2024/08/21 3:15 p.m.1 views

UBUNTU-CVE-2024-43407

CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A potential vulnerability has been discovered in CKEditor 4 Code Snippet GeSHi plugin. The vulnerability allowed a reflected XSS attack by exploiting a flaw in the GeSHi syntax highlighter library hosted by the victim. The GeSH...

6.1CVSS5.8AI score0.00424EPSS
Exploits0References7
Cvelist
Cvelist
added 2024/08/21 3:3 p.m.37 views

CVE-2024-43407 Code Snippet GeSHi plugin has reflected cross-site scripting (XSS) vulnerability

CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A potential vulnerability has been discovered in CKEditor 4 Code Snippet GeSHi plugin. The vulnerability allowed a reflected XSS attack by exploiting a flaw in the GeSHi syntax highlighter library hosted by the victim. The GeSH...

6.1CVSS0.00424EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/08/21 3:3 p.m.19 views

CVE-2024-43407 Code Snippet GeSHi plugin has reflected cross-site scripting (XSS) vulnerability

CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A potential vulnerability has been discovered in CKEditor 4 Code Snippet GeSHi plugin. The vulnerability allowed a reflected XSS attack by exploiting a flaw in the GeSHi syntax highlighter library hosted by the victim. The GeSH...

6.1CVSS6.5AI score0.00424EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2024/08/21 3:3 p.m.15 views

CVE-2024-43407

CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A potential vulnerability has been discovered in CKEditor 4 Code Snippet GeSHi plugin. The vulnerability allowed a reflected XSS attack by exploiting a flaw in the GeSHi syntax highlighter library hosted by the victim. The GeSH...

6.1CVSS7.8AI score0.00424EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2024/08/21 12:0 a.m.4 views

PT-2024-30564 · Geshi +3 · Geshi +3

Name of the Vulnerable Software and Affected Versions: CKEditor4 versions prior to 4.25.0-lts Description: A potential vulnerability has been discovered in the CKEditor 4 Code Snippet GeSHi plugin, allowing a reflected XSS attack by exploiting a flaw in the GeSHi syntax highlighter library. The...

6.1CVSS8.8AI score0.00424EPSS
Exploits0References20
RubySec
RubySec
added 2024/08/21 12:0 a.m.5 views

Code Snippet GeSHi plugin in CKEditor 4 has reflected cross-site scripting (XSS) vulnerability

Affected packages The vulnerability has been discovered in Code Snippet GeSHi plugin. All integrators that use GeSHi syntax highlighter on the backend side can be affected. Impact A potential vulnerability has been discovered in CKEditor 4 Code Snippet GeSHi plugin. The vulnerability allowed a...

6.1CVSS6.6AI score0.00424EPSS
Exploits0References1
NVD
NVD
added 2024/08/15 8:15 a.m.36 views

CVE-2024-43275

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Collision with another CVE...

0.00222EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2024/08/15 8:3 a.m.15 views

CVE-2024-43275

...

5.2AI score0.00222EPSS
Exploits0
CVE
CVE
added 2024/08/15 8:3 a.m.60 views

CVE-2024-43275

The CVE-2024-43275 entry maps to a CSRF vulnerability in the WordPress plugin “Insert PHP Code Snippet” (versions

5.6AI score0.00222EPSS
Exploits0
Cvelist
Cvelist
added 2024/08/15 8:3 a.m.34 views

CVE-2024-43275

...

0.00222EPSS
Exploits0
Patchstack
Patchstack
added 2024/08/15 8:0 a.m.5 views

WordPress Insert PHP Code Snippet plugin <= 1.3.6 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin Insert PHP Code Snippet versions = 1.3.6...

7.1AI score0.00222EPSS
Exploits0Affected Software1
CNNVD
CNNVD
added 2024/08/15 12:0 a.m.2 views

WordPress plugin Insert PHP Code Snippet 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

6.5CVSS6.8AI score0.00235EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/08/15 12:0 a.m.4 views

WordPress plugin Insert PHP Code Snippet 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...

8.8CVSS6.7AI score0.00222EPSS
Exploits0References2
CVE
CVE
added 2024/06/19 2:53 p.m.84 views

CVE-2021-47585

CVE-2021-47585 concerns a memory leak in the Linux kernel's btrfs __add_inode_ref path. The issue arises from allocating victim_name with kmalloc at two points (lines 1104 and 1169) and returning from the function without freeing the previously allocated memory when backref_in_log() returns an er...

5.5CVSS7AI score0.0025EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder