Lucene search
K

18 matches found

RedhatCVE
RedhatCVE
added 2026/01/23 9:16 p.m.5 views

CVE-2025-67952

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThemeGoods Grand Tour grandtour allows Reflected XSS.This issue affects Grand Tour: from n/a through 5.6.2...

7.1CVSS5.4AI score0.0023EPSS
Exploits0References1
NVD
NVD
added 2026/01/22 5:16 p.m.2 views

CVE-2025-67952

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThemeGoods Grand Tour grandtour allows Reflected XSS.This issue affects Grand Tour: from n/a through 5.6.2...

7.1CVSS0.0023EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/01/22 4:51 p.m.1 views

CVE-2025-67952 WordPress Grand Tour theme < 5.6.2 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThemeGoods Grand Tour grandtour allows Reflected XSS.This issue affects Grand Tour: from n/a through 5.6.2...

5.9AI score0.0023EPSS
Exploits0References1
CVE
CVE
added 2026/01/22 4:51 p.m.8 views

CVE-2025-67952

CVE-2025-67952 is a reflected XSS in the WordPress ThemeGoods Grand Tour theme prior to version 5.6.2. The initial record confirms the vulnerability and affected version, with remediation via upgrading to 5.6.2 or later (patched). The connected sources also catalog the same CVE across multiple fe...

7.1CVSS5.4AI score0.0023EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/01/22 4:51 p.m.16 views

CVE-2025-67952 WordPress Grand Tour theme < 5.6.2 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThemeGoods Grand Tour grandtour allows Reflected XSS.This issue affects Grand Tour: from n/a through 5.6.2...

7.1CVSS0.0023EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/01/22 4:51 p.m.2 views

CVE-2025-67952

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThemeGoods Grand Tour grandtour allows Reflected XSS.This issue affects Grand Tour: from n/a through 5.6.2...

7.1CVSS5.3AI score0.0023EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/01/22 12:0 a.m.5 views

PT-2026-4032

Name of the Vulnerable Software and Affected Versions ThemeGoods Grand Tour versions prior to 5.6.2 Description The software contains a flaw due to improper handling of user-supplied data when creating web pages, leading to a potential Reflected Cross-site Scripting XSS issue. This could allow an...

5.3AI score0.0023EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/01/22 12:0 a.m.6 views

WordPress plugin Grand Tour has a cross-site scripting vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

7.1CVSS5.7AI score0.0023EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/01/20 11:36 a.m.8 views

WordPress Grand Tour theme < 5.6.2 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Theme Grand Tour versions 5.6.2...

7.1CVSS5.3AI score0.0023EPSS
Exploits0Affected Software1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-27958

Malicious code in bioql PyPI...

9.8CVSS9.1AI score0.00503EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/25 1:19 p.m.7 views

CVE-2025-39485

Deserialization of Untrusted Data vulnerability in ThemeGoods Grand Tour grandtour allows Object Injection.This issue affects Grand Tour: from n/a through = 5.6...

9.8CVSS7.2AI score0.00503EPSS
Exploits0References1
OSV
OSV
added 2025/05/23 1:15 p.m.3 views

CVE-2025-39485

Deserialization of Untrusted Data vulnerability in ThemeGoods Grand Tour | Travel Agency WordPress allows Object Injection. This issue affects Grand Tour | Travel Agency WordPress: from n/a through 5.5.1...

9.8CVSS5.8AI score0.00503EPSS
Exploits0References1
NVD
NVD
added 2025/05/23 1:15 p.m.7 views

CVE-2025-39485

Deserialization of Untrusted Data vulnerability in ThemeGoods Grand Tour grandtour allows Object Injection.This issue affects Grand Tour: from n/a through = 5.6...

9.8CVSS0.00503EPSS
Exploits0References1
CVE
CVE
added 2025/05/23 12:43 p.m.42 views

CVE-2025-39485

CVE-2025-39485 concerns the Grand Tour | Travel Agency WordPress theme deserializing untrusted data, enabling PHP object injection in versions up to 5.5.1. Public sources confirm a WordPress theme vulnerability with a critical CVSS 9.8, affecting the Grand Tour theme and labeled as unpatched in t...

9.8CVSS7.2AI score0.00503EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/05/23 12:43 p.m.4 views

CVE-2025-39485 WordPress GrandTour Theme <= 5.5.1 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in ThemeGoods Grand Tour | Travel Agency WordPress allows Object Injection. This issue affects Grand Tour | Travel Agency WordPress: from n/a through 5.5.1...

9.8CVSS9.6AI score0.00503EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/05/23 12:0 a.m.4 views

PT-2025-22701 · WordPress · Grand Tour

Name of the Vulnerable Software and Affected Versions: Grand Tour | Travel Agency WordPress versions through 5.5.1 Description: The issue is related to Deserialization of Untrusted Data, which allows Object Injection. This can potentially be exploited by injecting malicious objects into the...

9.8CVSS9.2AI score0.00503EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/05/23 12:0 a.m.3 views

WordPress plugin Grand Tour | Travel Agency 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code issue vulnerability exists in...

9.8CVSS8.5AI score0.00503EPSS
Exploits0References1
Openbugbounty
Openbugbounty
added 2018/02/05 3:18 p.m.9 views

rvtrader.com XSS vulnerability

Open Bug Bounty ID: OBB-553453 Description| Value ---|--- Affected Website:| rvtrader.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

6.2AI score
Exploits0
Rows per page
Query Builder