Lucene search
K

515 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2023-38449

Malicious code in bioql PyPI...

5.9CVSS6.3AI score0.00369EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/08/16 11:25 a.m.4 views

CVE-2025-54674

Cross-Site Request Forgery CSRF vulnerability in mklacroix Product Configurator for WooCommerce product-configurator-for-woocommerce allows Cross Site Request Forgery.This issue affects Product Configurator for WooCommerce: from n/a through = 1.4.4...

5.4CVSS5.9AI score0.00135EPSS
Exploits0References1
OSV
OSV
added 2025/08/14 6:52 p.m.3 views

MAL-2025-14141 Malicious code in afisha-ab-configurator (npm)

The package afisha-ab-configurator was found to contain malicious code...

7.2AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.4 views

Malicious code in afisha-ab-configurator (npm)

The package afisha-ab-configurator was found to contain malicious code...

7AI score
Exploits0
NVD
NVD
added 2025/08/14 11:15 a.m.3 views

CVE-2025-54674

Cross-Site Request Forgery CSRF vulnerability in mklacroix Product Configurator for WooCommerce product-configurator-for-woocommerce allows Cross Site Request Forgery.This issue affects Product Configurator for WooCommerce: from n/a through = 1.4.4...

5.4CVSS0.00135EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/08/14 10:34 a.m.4 views

CVE-2025-54674 WordPress Product Configurator for WooCommerce Plugin plugin <= 1.4.4 - Cross Site Request Forgery (CSRF) Vulnerability

Cross-Site Request Forgery CSRF vulnerability in mklacroix Product Configurator for WooCommerce allows Cross Site Request Forgery. This issue affects Product Configurator for WooCommerce: from n/a through 1.4.4...

5.4CVSS7.2AI score0.00135EPSS
Exploits0References1
CVE
CVE
added 2025/08/14 10:34 a.m.12 views

CVE-2025-54674

CVE-2025-54674 concerns the WordPress plugin Product Configurator for WooCommerce (mklacroix) and is a CSRF vulnerability affecting versions up to and including 1.4.4. The CVE entry is supported by multiple sources noting a CSRF flaw that can be triggered in authenticated user sessions, with CVSS...

5.4CVSS5.9AI score0.00135EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/08/14 10:34 a.m.10 views

CVE-2025-54674 WordPress Product Configurator for WooCommerce Plugin plugin <= 1.4.4 - Cross Site Request Forgery (CSRF) Vulnerability

Cross-Site Request Forgery CSRF vulnerability in mklacroix Product Configurator for WooCommerce product-configurator-for-woocommerce allows Cross Site Request Forgery.This issue affects Product Configurator for WooCommerce: from n/a through = 1.4.4...

5.4CVSS0.00135EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/08/14 12:0 a.m.2 views

WordPress plugin Product Configurator for WooCommerce 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...

5.4CVSS6.4AI score0.00135EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/08/14 12:0 a.m.3 views

PT-2025-33227 · WordPress · Staggs Product Configurator For Woocommerce

Name of the Vulnerable Software and Affected Versions: Product Configurator for WooCommerce versions n/a through 1.4.4 Description: The software contains a Cross-Site Request Forgery CSRF flaw. This issue allows attackers to perform actions on behalf of authenticated users without their knowledge...

5.4CVSS6.5AI score0.00135EPSS
Exploits0References3
vulnersOsv
vulnersOsv
added 2025/07/15 8:0 p.m.15 views

ai.swim:swim-js (=3.10.0), ai.swim:swim-vm (=3.10.0) +3052 more potentially affected by CVE-2025-50106 via org.graalvm.sdk:graal-sdk (>=19.0.0 <=21.0.0.2)

org.graalvm.sdk:graal-sdk MAVEN version =19.0.0, =0.0.1, =0.1.5, =0.1.5, =0.0.2, =0.0.2, =1.5.1, =1.0.0, =1.0.2, =1.0.0, =1.0.2, =1.0.2, =1.1.4 and more Source cves: CVE-2025-50106 Source advisory: SNYK:JAVA-ORGGRAALVMSDK-11998131...

8.1CVSS7.1AI score0.00611EPSS
Exploits0
OSV
OSV
added 2025/07/15 1:13 a.m.1 views

MAL-2025-5887 Malicious code in agent-configurator (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0e65ce26b3c1e446de253231422a7c11c3d90e68dcd8caab1efbdba56150e10a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/07/15 1:13 a.m.1 views

Malicious code in agent-configurator (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0e65ce26b3c1e446de253231422a7c11c3d90e68dcd8caab1efbdba56150e10a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/07/09 12:1 a.m.3 views

Malicious code in oneapi-environment-configurator (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3b59cc2d584cc83aeb72d1b1e463e2f4423a81b86d2fa4b7a2bdcf7867bba348 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSV
OSV
added 2025/07/09 12:1 a.m.2 views

MAL-2025-5713 Malicious code in oneapi-environment-configurator (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3b59cc2d584cc83aeb72d1b1e463e2f4423a81b86d2fa4b7a2bdcf7867bba348 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/07/09 12:1 a.m.4 views

Malicious code in vscode-oneapi-environment-configurator (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e8b4992dcea3340ef6012db58cede2756b194c824f67c49b3ebae3b30a9b946c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/07/09 12:1 a.m.4 views

Malicious code in oneapi-analysis-configurator (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 62a408f2d5e2b67773b97c7a264f55597c4afd65c8bd0858394b6fbff152ec17 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSV
OSV
added 2025/07/09 12:1 a.m.2 views

MAL-2025-5712 Malicious code in oneapi-analysis-configurator (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 62a408f2d5e2b67773b97c7a264f55597c4afd65c8bd0858394b6fbff152ec17 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 6:39 a.m.5 views

CVE-2024-51907

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Codemenschen WP Virtual Room Configurator configure-conference-room allows Stored XSS.This issue affects WP Virtual Room Configurator: from n/a through = 1.0.0...

6.5CVSS7.2AI score0.00331EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:2 a.m.8 views

CVE-2023-1893

The Login Configurator WordPress plugin through 2.1 does not properly escape a URL parameter before outputting it to the page, leading to a reflected cross-site scripting vulnerability targeting site administrators...

6.1CVSS8.1AI score0.00712EPSS
Exploits3References1
Rows per page
Query Builder