Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

16 matches found

OSV
OSVadded 2026/03/27 7:10 a.m.2 views

BIT-DISCOURSE-2026-33395 Discourse has stored click‑based XSS via Graphviz SVG javascript: links

Discourse is an open-source discussion platform. Prior to versions 2026.3.0, 2026.2.1, and 2026.1.2, the discourse-graphviz plugin contains a stored cross-site scripting XSS vulnerability that allows authenticated users to inject malicious JavaScript code through DOT graph definitions. For...

5.4CVSS5.9AI score0.00021EPSS
Exploits0References5
NVD
NVDadded 2026/03/19 11:16 p.m.4 views

CVE-2026-33395

Discourse is an open-source discussion platform. Prior to versions 2026.3.0-latest.1, 2026.2.1, and 2026.1.2, the discourse-graphviz plugin contains a stored cross-site scripting XSS vulnerability that allows authenticated users to inject malicious JavaScript code through DOT graph definitions. F...

5.4CVSS0.00021EPSS
Exploits0References4
EUVD
EUVDadded 2026/03/19 10:33 p.m.1 views

EUVD-2026-13402

Discourse is an open-source discussion platform. Prior to versions 2026.3.0-latest.1, 2026.2.1, and 2026.1.2, the discourse-graphviz plugin contains a stored cross-site scripting XSS vulnerability that allows authenticated users to inject malicious JavaScript code through DOT graph definitions. F...

4.4CVSS5.7AI score0.00021EPSS
Exploits0References4
Cvelist
Cvelistadded 2026/03/19 10:33 p.m.20 views

CVE-2026-33395 Discourse has stored click‑based XSS via Graphviz SVG javascript: links

Discourse is an open-source discussion platform. Prior to versions 2026.3.0-latest.1, 2026.2.1, and 2026.1.2, the discourse-graphviz plugin contains a stored cross-site scripting XSS vulnerability that allows authenticated users to inject malicious JavaScript code through DOT graph definitions. F...

4.4CVSS0.00021EPSS
Exploits0References4
Vulnrichment
Vulnrichmentadded 2026/03/19 10:33 p.m.2 views

CVE-2026-33395 Discourse has stored click‑based XSS via Graphviz SVG javascript: links

Discourse is an open-source discussion platform. Prior to versions 2026.3.0-latest.1, 2026.2.1, and 2026.1.2, the discourse-graphviz plugin contains a stored cross-site scripting XSS vulnerability that allows authenticated users to inject malicious JavaScript code through DOT graph definitions. F...

4.4CVSS5.7AI score0.00021EPSS
Exploits0References4
OSV
OSVadded 2026/03/19 10:33 p.m.3 views

CVE-2026-33395 Discourse has stored click‑based XSS via Graphviz SVG javascript: links

Discourse is an open-source discussion platform. Prior to versions 2026.3.0-latest.1, 2026.2.1, and 2026.1.2, the discourse-graphviz plugin contains a stored cross-site scripting XSS vulnerability that allows authenticated users to inject malicious JavaScript code through DOT graph definitions. F...

4.4CVSS5.9AI score0.00021EPSS
Exploits0References6
CVE
CVEadded 2026/03/19 10:33 p.m.2 views

CVE-2026-33395

Discourse, via the discourse-graphviz plugin, is affected by a stored XSS that can be triggered by authenticated users through DOT graph definitions. The issue is present in versions prior to 2026.3.0-latest.1, 2026.2.1, and 2026.1.2, with the vulnerability being mitigated by patches in those pat...

5.4CVSS5.7AI score0.00021EPSS
Exploits0References4Affected Software1
EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2015-1141

Malware in sbrugna...

4CVSS4.6AI score0.00092EPSS
Exploits0References5
RedhatCVE
RedhatCVEadded 2025/09/07 2:32 p.m.1 views

CVE-2025-58870

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in DeBAAT WP-GraphViz wp-graphviz allows DOM-Based XSS.This issue affects WP-GraphViz: from n/a through = 1.5.1...

6.5CVSS5.9AI score0.00047EPSS
Exploits0References1
Patchstack
Patchstackadded 2025/09/05 1:43 p.m.3 views

WordPress WP-GraphViz Plugin <= 1.5.1 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by Peter Thaleikis in WordPress Plugin WP-GraphViz versions = 1.5.1...

6.5CVSS6AI score0.00047EPSS
Exploits0Affected Software1
Positive Technologies
Positive Technologiesadded 2025/09/05 12:0 a.m.2 views

PT-2025-36209

Name of the Vulnerable Software and Affected Versions: DeBAAT WP-GraphViz versions through 1.5.1 Description: The DeBAAT WP-GraphViz plugin contains a DOM-Based Cross-Site Scripting XSS issue. This improper neutralization of input during web page generation allows for potential exploitation...

6.5CVSS5.5AI score0.00047EPSS
Exploits0References5
RedhatCVE
RedhatCVEadded 2025/05/22 9:22 a.m.4 views

CVE-2015-10131

A vulnerability was found in chrisy TFO Graphviz Plugin up to 1.9 on WordPress and classified as problematic. Affected by this issue is the function adminpageload/adminpage of the file tfo-graphviz-admin.php. The manipulation leads to cross site scripting. The attack may be launched remotely...

4CVSS6.3AI score0.00092EPSS
Exploits0References1
NVD
NVDadded 2024/03/31 6:15 a.m.8 views

CVE-2015-10131

A vulnerability was found in chrisy TFO Graphviz Plugin up to 1.9 on WordPress and classified as problematic. Affected by this issue is the function adminpageload/adminpage of the file tfo-graphviz-admin.php. The manipulation leads to cross site scripting. The attack may be launched remotely...

4CVSS3.7AI score0.00092EPSS
Exploits0References4
CVE
CVEadded 2024/03/31 6:0 a.m.50 views

CVE-2015-10131

CVE-2015-10131 affects the chrisy TFO Graphviz Plugin for WordPress (up to version 1.9). The vulnerability targets the admin_page_load/admin_page function in tfo-graphviz-admin.php, enabling cross-site scripting that can be triggered remotely. A fix is available in version 1.10, and the patch is ...

4CVSS3.7AI score0.00092EPSS
Exploits0References4
Cvelist
Cvelistadded 2024/03/31 6:0 a.m.13 views

CVE-2015-10131 chrisy TFO Graphviz Plugin tfo-graphviz-admin.php admin_page cross site scripting

A vulnerability was found in chrisy TFO Graphviz Plugin up to 1.9 on WordPress and classified as problematic. Affected by this issue is the function adminpageload/adminpage of the file tfo-graphviz-admin.php. The manipulation leads to cross site scripting. The attack may be launched remotely...

4CVSS3.8AI score0.00092EPSS
Exploits0References4
Positive Technologies
Positive Technologiesadded 2024/03/31 12:0 a.m.1 views

PT-2024-10564 · Unknown · Chrisy Tfo Graphviz Plugin

Name of the Vulnerable Software and Affected Versions: chrisy TFO Graphviz Plugin versions up to 1.9 Description: A vulnerability was found in the chrisy TFO Graphviz Plugin, which is classified as problematic. The issue affects the function admin page load/admin page of the file...

4CVSS4.2AI score0.00092EPSS
Exploits0References6
Rows per page
Query Builder