Lucene search
K

475 matches found

NVD
NVD
added 2026/06/17 1:19 p.m.13 views

CVE-2025-69108

Unauthenticated PHP Object Injection in Hot Coffee = 1.7 versions...

9.8CVSS0.00525EPSS
Exploits0References1
CVE
CVE
added 2026/06/16 8:56 p.m.15 views

CVE-2025-69108

CVE-2025-69108 is an unauthenticated PHP Object Injection in the WordPress theme Hot Coffee (<= 1.7). The description specifies unauthenticated object injection in Hot Coffee

9.8CVSS5.3AI score0.00525EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/16 8:56 p.m.32 views

CVE-2025-69108 WordPress Hot Coffee theme <= 1.7 - PHP Object Injection vulnerability

Unauthenticated PHP Object Injection in Hot Coffee = 1.7 versions...

9.8CVSS0.00525EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/05/26 7:51 a.m.11 views

WordPress Hot Coffee theme <= 1.7 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Hot Coffee versions = 1.7...

5.8AI score0.00525EPSS
Exploits0Affected Software1
CVE
CVE
added 2026/01/22 4:52 p.m.8 views

CVE-2025-68538

CVE-2025-68538 affects ThemeGoods Craft craftcoffee (WordPress Theme Craft) with a DOM-Based XSS in the web page generation path due to improper input neutralization. Affected versions are

7.1CVSS5.4AI score0.00222EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/01/22 4:52 p.m.3 views

CVE-2025-68538 WordPress Craft | Coffee Shop Cafe Restaurant WordPress theme <= 2.3.6 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThemeGoods Craft craftcoffee allows DOM-Based XSS.This issue affects Craft: from n/a through = 2.3.6...

5.9AI score0.00222EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/01/22 4:52 p.m.17 views

CVE-2025-68538 WordPress Craft | Coffee Shop Cafe Restaurant WordPress theme <= 2.3.6 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThemeGoods Craft craftcoffee allows DOM-Based XSS.This issue affects Craft: from n/a through = 2.3.6...

7.1CVSS0.00222EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/01/22 12:0 a.m.6 views

PT-2026-4081

Name of the Vulnerable Software and Affected Versions Craft versions prior to 2.3.7 Description A flaw exists in Craft that allows for DOM-Based Cross-site Scripting XSS. This issue occurs due to improper neutralization of input during web page generation. The vulnerability could potentially allo...

5.3AI score0.00222EPSS
Exploits0References3
Patchstack
Patchstack
added 2026/01/20 11:37 a.m.8 views

WordPress Craft | Coffee Shop Cafe Restaurant WordPress theme <= 2.3.6 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Theme Craft versions = 2.3.6...

7.1CVSS5.3AI score0.00222EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2026/01/09 9:31 a.m.9 views

CVE-2023-25030

Missing Authorization vulnerability in Buy Me a Coffee.This issue affects Buy Me a Coffee: from n/a through 3.7...

4.3CVSS6.8AI score0.00237EPSS
Exploits0References1
Intel
Intel
added 2025/12/04 12:0 a.m.147 views

Intel® Smart Sound Technology Advisory

Summary: A potential security vulnerability in Intel® Smart Sound Technology may allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2020-0583 Description: Improper access control in the subsystem for Intel...

8.8CVSS8.6AI score0.00368EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2025/12/03 4:57 p.m.8 views

ch.reportingsoft.birt:birt-runtime-bundle (>=4.19.0 <=4.20.0), cloud.wondrify:coffee-asset-pipeline (>=5.0.10 <=5.1.0-M4) +163 more potentially affected by CVE-2025-66453 via org.mozilla:rhino (=1.8.0)

org.mozilla:rhino MAVEN version =1.8.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.mozilla:rhino and may be impacted: - ch.reportingsoft.birt:birt-runtime-bundle =4.19.0, =5.0.10, =5.0.10, =5.0.10, =10.2.1, =8.0.0, =8.0.0, =5.0.6, =5.0.6, =5.0....

7.5CVSS7.2AI score0.00235EPSS
Exploits0
EUVD
EUVD
added 2025/11/12 4:47 p.m.4 views

EUVD-2025-147858

Malicious code in tehah-coffee-brew npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/12 4:37 a.m.2 views

EUVD-2025-120023

Malicious code in favourite-coffee-stork npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/12 4:37 a.m.2 views

EUVD-2025-120003

Malicious code in zoophagous-coffee-gull npm...

6.6AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/12 4:37 a.m.4 views

Malicious code in favourite-coffee-stork (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7b9ca0e2b4bc589d1779f36ab439cb7a963d9e4ffdccc1e2402235e183ddd9f6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
EUVD
EUVD
added 2025/11/12 3:4 a.m.3 views

EUVD-2025-117361

Malicious code in fun-coffee-butterfly npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/12 3:4 a.m.2 views

EUVD-2025-117479

Malicious code in common-coffee-loon npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/12 3:4 a.m.2 views

EUVD-2025-117356

Malicious code in furious-coffee-weasel npm...

6.6AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/12 3:4 a.m.6 views

Malicious code in clumsy-coffee-roadrunner (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 97bff92247a9e6cb083fc07fcfdedf3b1a9ca205d45cc4370d9a15f7c874727d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
Rows per page
Query Builder