Lucene search
K

98 matches found

CNNVD
CNNVD
added 2025/11/04 12:0 a.m.6 views

WordPress plugin Greenshift 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site...

6.4CVSS5.8AI score0.00176EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-33999

Malicious code in bioql PyPI...

4.3CVSS9AI score0.00485EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-12439

Malicious code in bioql PyPI...

6.8CVSS5.6AI score0.00627EPSS
Exploits2References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2023-58859

Malicious code in bioql PyPI...

7.2CVSS7.6AI score0.01274EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-48001

Malicious code in bioql PyPI...

6.4CVSS8.7AI score0.00274EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2022-51977

Malicious code in bioql PyPI...

5.4CVSS5.6AI score0.00393EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.13 views

EUVD-2025-12330

Malicious code in bioql PyPI...

8.8CVSS8.7AI score0.02027EPSS
Exploits1References6
Patchstack
Patchstack
added 2025/08/22 1:52 p.m.5 views

WordPress Greenshift Plugin <= 12.1.1 - Broken Access Control Vulnerability

Broken Access Control Vulnerability discovered by Denver Jackson in WordPress Plugin Greenshift versions = 12.1.1...

4.3CVSS6.7AI score0.00181EPSS
Exploits0Affected Software1
Vulnrichment
Vulnrichment
added 2025/08/22 11:59 a.m.3 views

CVE-2025-57884 WordPress Greenshift Plugin <= 12.1.1 - Broken Access Control Vulnerability

Missing Authorization vulnerability in wpsoul Greenshift allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Greenshift: from n/a through 12.1.1...

4.3CVSS6.5AI score0.00181EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/08/22 11:59 a.m.9 views

CVE-2025-57884 WordPress Greenshift Plugin <= 12.1.1 - Broken Access Control Vulnerability

Missing Authorization vulnerability in wpsoul Greenshift greenshift-animation-and-page-builder-blocks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Greenshift: from n/a through = 12.1.1...

4.3CVSS0.00181EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/06/06 12:0 a.m.4 views

WordPress plugin Greenshift 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

6.5CVSS6.1AI score0.00215EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:50 a.m.6 views

CVE-2024-11181

The Greenshift – animation and page builder blocks plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 9.9.9.3 via the 'wpreusablerender' shortcode due to insufficient restrictions on which posts can be included. This makes it possible for authenticate...

4.3CVSS6.7AI score0.00485EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:0 a.m.6 views

CVE-2024-6155

The Greenshift – animation and page builder blocks plugin for WordPress is vulnerable to Authenticated Subscriber+ Server-Side Request Forgery and Stored Cross Site Scripting in all versions up to, and including, 9.0.0 due to a missing capability check in the greenshiftdownloadfilelocaly function...

6.4CVSS6AI score0.00274EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:55 a.m.6 views

CVE-2023-0378

The Greenshift WordPress plugin before 5.0 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

6.8CVSS4.4AI score0.00627EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:4 a.m.14 views

CVE-2023-6636

The Greenshift – animation and page builder blocks plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation on the 'gspbsavefiles' function in versions up to, and including, 7.6.2. This makes it possible for authenticated attackers with administrator-level...

7.2CVSS7.7AI score0.01274EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 12:23 a.m.8 views

CVE-2022-4653

The Greenshift WordPress plugin before 4.8.9 does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack...

5.4CVSS6AI score0.00393EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2025/04/29 12:0 a.m.8 views

Greenshift Plugin for WordPress < 11.4.5 Arbitrary File Upload

The WordPress Greenshift Plugin installed on the remote host is affected by an Arbitrary File Upload. Note that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number. No source data...

8.8CVSS7.4AI score0.02027EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/04/25 6:40 p.m.26 views

CVE-2025-3616

The Greenshift – animation and page builder blocks plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the gspbmakeproxyapirequest function in versions 11.4 to 11.4.5. This makes it possible for authenticated attackers, with Subscriber-level access...

8.8CVSS7.7AI score0.02027EPSS
Exploits1References1
CVE
CVE
added 2025/04/22 4:21 a.m.102 views

CVE-2025-3616

The Greenshift – animation and page builder blocks WordPress plugin (versions 11.4–11.4.5) is vulnerable to an authenticated arbitrary file upload due to missing file type validation in gspb_make_proxy_api_request(), allowing Subscriber+ users to upload files on the server and potentially achieve...

8.8CVSS8.8AI score0.02027EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2025/04/22 4:21 a.m.21 views

CVE-2025-3616 Greenshift 11.4 - 11.4.5 - Authenticated (Subscriber+) Arbitrary File Upload

The Greenshift – animation and page builder blocks plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the gspbmakeproxyapirequest function in versions 11.4 to 11.4.5. This makes it possible for authenticated attackers, with Subscriber-level access...

8.8CVSS0.02027EPSS
Exploits1References5
Rows per page
Query Builder