Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

32 matches found

NVD
NVDadded 2026/02/14 7:16 a.m.5 views

CVE-2026-0727

The Accordion and Accordion Slider plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 1.4.5. This is due to the plugin not properly verifying that a user is authorized to perform an action in the 'wpaassaveattachmentdata' and...

5.4CVSS0.00013EPSS
Exploits0References2
EUVD
EUVDadded 2025/10/07 12:30 a.m.1 views

EUVD-2020-6075

Malware in sbrugna...

5.4CVSS5.6AI score0.00128EPSS
Exploits2References2
EUVD
EUVDadded 2025/10/03 8:7 p.m.1 views

EUVD-2025-31296

Malicious code in bioql PyPI...

5.9CVSS6.5AI score0.0003EPSS
Exploits0References2
EUVD
EUVDadded 2025/10/03 8:7 p.m.2 views

EUVD-2025-4047

Malicious code in bioql PyPI...

7.1CVSS9.1AI score0.0013EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/09/27 8:44 a.m.1 views

CVE-2025-60104

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Jordy Meow Gallery Custom Links gallery-custom-links allows Stored XSS.This issue affects Gallery Custom Links: from n/a through = 2.2.5...

5.9CVSS5.9AI score0.0003EPSS
Exploits0References1
Patchstack
Patchstackadded 2025/09/26 9:51 a.m.3 views

WordPress Gallery Custom Links Plugin <= 2.2.5 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by NumeX in WordPress Plugin Gallery Custom Links versions = 2.2.5...

5.9CVSS6AI score0.0003EPSS
Exploits0Affected Software1
NVD
NVDadded 2025/09/26 9:15 a.m.1 views

CVE-2025-60104

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Jordy Meow Gallery Custom Links gallery-custom-links allows Stored XSS.This issue affects Gallery Custom Links: from n/a through = 2.2.5...

5.9CVSS0.0003EPSS
Exploits0References1
Cvelist
Cvelistadded 2025/09/26 8:31 a.m.8 views

CVE-2025-60104 WordPress Gallery Custom Links Plugin <= 2.2.5 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Jordy Meow Gallery Custom Links gallery-custom-links allows Stored XSS.This issue affects Gallery Custom Links: from n/a through = 2.2.5...

5.9CVSS0.0003EPSS
Exploits0References1
CVE
CVEadded 2025/09/26 8:31 a.m.7 views

CVE-2025-60104

CVE-2025-60104 affects Gallery Custom Links (WordPress plugin) up to version 2.2.5. The vulnerability is a Stored XSS caused by improper neutralization of input during web page generation. Exploitation details are not provided in the initial document, but the CVE description states the issue allo...

5.9CVSS5.9AI score0.0003EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2025/09/26 8:31 a.m.2 views

CVE-2025-60104 WordPress Gallery Custom Links Plugin <= 2.2.5 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Jordy Meow Gallery Custom Links gallery-custom-links allows Stored XSS.This issue affects Gallery Custom Links: from n/a through = 2.2.5...

5.9CVSS5.2AI score0.0003EPSS
Exploits0References1
CNNVD
CNNVDadded 2025/09/26 12:0 a.m.3 views

WordPress plugin Gallery Custom Links 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...

5.9CVSS5.7AI score0.0003EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2025/09/26 12:0 a.m.2 views

PT-2025-39551

Name of the Vulnerable Software and Affected Versions Jordy Meow Gallery Custom Links versions through 2.2.5 Description The software contains a flaw due to improper handling of input during the creation of web pages, leading to a Cross-site Scripting XSS issue. This specific instance allows for...

5.9CVSS5.8AI score0.0003EPSS
Exploits0References3
CNNVD
CNNVDadded 2025/09/03 12:0 a.m.1 views

Dive 安全漏洞

Dive is an OpenAgentPlatform open source MCP hosted desktop application. A security vulnerability exists in Dive 0.9.3 and earlier versions that stems from improper handling of custom URLs and could lead to remote code execution...

8.8CVSS7.6AI score0.00587EPSS
Exploits1References2
OSV
OSVadded 2025/06/10 8:17 p.m.2 views

GHSA-WJW6-95H5-4JPX Nautobot vulnerable to secrets exposure and data manipulation through Jinja2 templating

Impact What kind of vulnerability is it? Who is impacted? All users of Nautobot versions prior to 2.4.10 or prior to 1.6.32 are potentially affected. Due to insufficient security configuration of the Jinja2 templating feature used in computed fields, custom links, etc. in Nautobot: 1. A malicious...

6CVSS5.9AI score0.0018EPSS
Exploits0References9
RedhatCVE
RedhatCVEadded 2025/05/23 9:24 a.m.1 views

CVE-2024-36684

In the module "Custom links" pkcustomlinks = 2.3 from Promokit.eu for PrestaShop, a guest can perform SQL injection. The script ajax.php have a sensitive SQL call that can be executed with a trivial http call and exploited to forge a SQL injection...

9.8CVSS5.9AI score0.00808EPSS
Exploits0References1
Patchstack
Patchstackadded 2025/02/14 1:16 p.m.2 views

WordPress Gallery Custom Links Plugin <= 2.2.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Caesar Evan Santoso Patchstack Alliance in WordPress Plugin Gallery versions = 2.2.1...

5.9CVSS6.1AI score0.00062EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVEadded 2025/02/09 10:19 a.m.7 views

CVE-2025-25135

Cross-Site Request Forgery CSRF vulnerability in Victor Barkalov Custom Links On Admin Dashboard Toolbar customize-wpadmin allows Stored XSS.This issue affects Custom Links On Admin Dashboard Toolbar: from n/a through = 3.3...

7.1CVSS7.2AI score0.0013EPSS
Exploits0References1
NVD
NVDadded 2025/02/07 10:15 a.m.9 views

CVE-2025-25135

Cross-Site Request Forgery CSRF vulnerability in Victor Barkalov Custom Links On Admin Dashboard Toolbar customize-wpadmin allows Stored XSS.This issue affects Custom Links On Admin Dashboard Toolbar: from n/a through = 3.3...

7.1CVSS0.0013EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2025/02/07 10:11 a.m.15 views

CVE-2025-25135 WordPress Custom Links On Admin Dashboard Toolbar plugin <= 3.3 - CSRF to Stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in Victor Barkalov Custom Links On Admin Dashboard Toolbar customize-wpadmin allows Stored XSS.This issue affects Custom Links On Admin Dashboard Toolbar: from n/a through = 3.3...

7.1CVSS7.2AI score0.0013EPSS
Exploits0References1
Cvelist
Cvelistadded 2025/02/07 10:11 a.m.17 views

CVE-2025-25135 WordPress Custom Links On Admin Dashboard Toolbar plugin <= 3.3 - CSRF to Stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in Victor Barkalov Custom Links On Admin Dashboard Toolbar customize-wpadmin allows Stored XSS.This issue affects Custom Links On Admin Dashboard Toolbar: from n/a through = 3.3...

7.1CVSS0.0013EPSS
Exploits0References1
Rows per page
Query Builder