212 matches found

EUVD
added 2025/10/03 8:7 p.m., 5 views

EUVD-2023-56898

Malicious code in bioql PyPI...

CVSS 10, AI score 9.3, EPSS 0.00645
Exploits 0, References 1
EUVD
added 2025/10/03 8:7 p.m., 8 views

EUVD-2023-57879

Malicious code in bioql PyPI...

CVSS 8.8, AI score 9.2, EPSS 0.01019
Exploits 1, References 2
EUVD
added 2025/10/03 8:7 p.m., 6 views

EUVD-2023-37384

Malicious code in bioql PyPI...

CVSS 8.8, AI score 9.1, EPSS 0.00254
Exploits 0, References 1
Tenable Nessus
added 2025/08/10 12:0 a.m., 3 views

Linux Distros Unpatched Vulnerability : CVE-2022-28202

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An XSS issue was discovered in MediaWiki before 1.35.6, 1.36.x before 1.36.4, and 1.37.x before 1.37.2. The widthheight, widthheightpage, and nbytes properties ...

CVSS 6.1, AI score 6.4, EPSS 0.01152
Exploits 0, References 2
RedhatCVE
added 2025/05/23 5:25 a.m., 7 views

CVE-2023-52225

Deserialization of Untrusted Data vulnerability in Tagbox Tagbox – UGC Galleries, Social Media Widgets, User Reviews & Analytics. This issue affects Tagbox – UGC Galleries, Social Media Widgets, User Reviews & Analytics: from n/a through 3.1...

CVSS 10, AI score 8.6, EPSS 0.00645
Exploits 0, References 1
RedhatCVE
added 2025/05/23 2:39 a.m., 6 views

CVE-2023-5583

The WP Simple Galleries plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 1.34 via deserialization of untrusted input from the 'wpsimplegallerygallery' post meta via 'wpsgallery' shortcode. This allows authenticated attackers, with contributor-level...

CVSS 8.8, AI score 6.1, EPSS 0.01019
Exploits 1, References 1
RedhatCVE
added 2025/05/23 2:2 a.m., 9 views

CVE-2023-33214

Cross-Site Request Forgery (CSRF) vulnerability in Tagbox Tagbox – UGC Galleries, Social Media Widgets, User Reviews & Analytics. This issue affects Tagbox – UGC Galleries, Social Media Widgets, User Reviews & Analytics: from n/a through 3.1...

CVSS 8.8, AI score 8.5, EPSS 0.00254
Exploits 0, References 1
RedhatCVE
added 2025/05/23 12:46 a.m., 7 views

CVE-2022-4795

The Galleries by Angie Makes WordPress plugin through 1.67 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embedded, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting atta...

CVSS 5.4, AI score 5.8, EPSS 0.00466
Exploits 2
RedhatCVE
added 2025/05/22 8:49 p.m., 4 views

CVE-2021-4384

The WordPress Photo Gallery – Image Gallery plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.0.6. This is due to missing or incorrect nonce validation on the loadimagesthumbnail and editgallery functions. This makes it possible for unauthenticat...

CVSS 4.3, AI score 5.8, EPSS 0.00398
Exploits 0, References 1
OSV
added 2024/09/25 1:15 a.m., 5 views

CVE-2024-8437

The WP Easy Gallery – WordPress Gallery Plugin plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on several functions hooked via AJAX like wpegsettings and wpegaddgallery in all versions up to, and including, 4.8.5. This makes it possible for authenticate...

CVSS 4.3, AI score 5.8, EPSS 0.0028
Exploits 0, References 2
Positive Technologies
added 2024/09/24 12:0 a.m., 7 views

PT-2024-39013 · WordPress · Wp Easy Gallery

Name of the Vulnerable Software and Affected Versions: The WP Easy Gallery – WordPress Gallery Plugin versions up to, and including, 4.8.5 Description: The issue is related to unauthorized access due to a missing capability check on several functions hooked via AJAX, such as wpeg settings and wpe...

CVSS 4.3, AI score 6.8, EPSS 0.0028
Exploits 0, References 7
WPVulnDB
added 2024/04/25 12:0 a.m., 15 views

Tagbox – UGC Galleries, Social Media Widgets, User Reviews & Analytics < 3.3 - Authenticated (Contributor+) Stored Cross-Site Scripting

Description The Tagbox – UGC Galleries, Social Media Widgets, User Reviews & Analytics plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 3.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...

CVSS 6.5, AI score 7.8, EPSS 0.0032
Exploits 0, References 1, Affected Software 1
Cvelist
added 2024/04/18 10:20 a.m., 23 views

CVE-2024-32552 WordPress Tagbox – UGC Galleries, Social Media Widgets, User Reviews & Analytics plugin <= 3.2 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tagbox Taggbox allows Stored XSS. This issue affects Taggbox: from n/a through 3.2...

CVSS 6.5, AI score 6.6, EPSS 0.0032
Exploits 0, References 1
Vulnrichment
added 2024/04/18 10:20 a.m., 24 views

CVE-2024-32552 WordPress Tagbox – UGC Galleries, Social Media Widgets, User Reviews & Analytics plugin <= 3.2 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tagbox Taggbox allows Stored XSS. This issue affects Taggbox: from n/a through 3.2...

CVSS 6.5, AI score 6.7, EPSS 0.0032
Exploits 0, References 1
Patchstack
added 2024/04/16 6:22 a.m., 6 views

WordPress Tagbox – UGC Galleries, Social Media Widgets, User Reviews & Analytics plugin <= 3.2 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting (XSS) vulnerability discovered by LVT-tholv2k (Patchstack Alliance) in WordPress Plugin Taggbox (versions <= 3.2)...

CVSS 6.5, AI score 6.1, EPSS 0.0032
Exploits 0, Affected Software 1
OSV
added 2024/03/06 11:7 a.m., 23 views

BIT-MEDIAWIKI-2022-28202

An XSS issue was discovered in MediaWiki before 1.35.6, 1.36.x before 1.36.4, and 1.37.x before 1.37.2. The widthheight, widthheightpage, and nbytes properties of messages are not escaped when used in galleries or Special:RevisionDelete...

CVSS 6.1, AI score 6.4, EPSS 0.01152
Exploits 0, References 6
Prion
added 2024/02/29 1:43 a.m., 24 views

Design/Logic Flaw

The Sunshine Photo Cart: Free Client Galleries for Photographers plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.0.24 via the 'invoice'. This makes it possible for unauthenticated attackers to extract sensitive data including customer...

CVSS 5, AI score 6.8, EPSS 0.00678
Exploits 0, References 3
CNNVD
added 2024/02/29 12:0 a.m., 5 views

WordPress Plugin Sunshine Photo Cart: Free Client Galleries for Photographers Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers. WordPress plugin is an application...

CVSS 5.3, AI score 6.3, EPSS 0.00678
Exploits 0, References 4
Fedora
added 2024/02/12 1:52 a.m., 38 views

[SECURITY] Fedora 38 Update: python-nikola-8.3.0-1.fc38

Nikola is a static site and blog generator using Python. It generates sites with tags, feeds, archives, comments, and more from plain text files. Source can be unformatted, or formatted with reStructuredText or Markdown. It also automatically builds image galleries...

CVSS 7.5, AI score 7.6, EPSS 0.01707
Exploits 0
Positive Technologies
added 2024/01/11 12:0 a.m., 4 views

PT-2024-15072 · WordPress · Envira Photo Gallery

Name of the Vulnerable Software and Affected Versions: Envira Photo Gallery plugin for WordPress versions up to, and including, 1.8.7.1 Description: The issue allows authenticated attackers with contributor access and above to modify galleries on other users' posts due to an improper capability...

CVSS 4.3, AI score 5.3, EPSS 0.00406
Exploits 0, References 7