Lucene search

129 matches found

Vulnrichment | added 3 days ago | 3 views

CVE-2026-58451 Horde IMP < 7.0.1 Path Traversal via Compose.php img src

Horde IMP before 7.0.1 contains a path traversal vulnerability in lib/Compose.php that allows authenticated attackers to read arbitrary files from the server filesystem by embedding traversal sequences after a CKEditor path prefix in img src URLs. Attackers can bypass the stripos prefix validatio...

CVSS 7.1 | AI score 5.9 | EPSS 0.00379
Exploits: 0 | References: 6
NVD | added 2026/06/25 4:16 p.m. | 7 views

CVE-2026-48942

K2 ≤ 2.26 renders the k2users.image column directly into HTML src attributes via two distinct templates, in both cases without HTML escaping...

CVSS 6.1 | EPSS 0.00149
Exploits: 0 | References: 1
EUVD | added 2026/06/25 3:23 p.m. | 13 views

EUVD-2026-39439

K2 ≤ 2.26 renders the k2users.image column directly into HTML src attributes via two distinct templates, in both cases without HTML escaping...

CVSS 6.1 | AI score 5.8 | EPSS 0.00149
Exploits: 0 | References: 1
Vulnrichment | added 2026/06/25 3:23 p.m. | 6 views

CVE-2026-48942 Joomla Extension - getk2.org - Stored-XSS in K2 extension for Joomla < 2.26

K2 ≤ 2.26 renders the k2users.image column directly into HTML src attributes via two distinct templates, in both cases without HTML escaping...

AI score 5.8 | EPSS 0.00149
Exploits: 0 | References: 1
ATTACKERKB | added 2026/06/25 3:23 p.m. | 4 views

CVE-2026-48942

K2 ≤ 2.26 renders the k2users.image column directly into HTML src attributes via two distinct templates, in both cases without HTML escaping...

CVSS 6.1 | AI score 5.8 | EPSS 0.00149
Exploits: 0 | References: 2 | Affected software: 1
CVE | added 2026/06/25 3:23 p.m. | 10 views

CVE-2026-48942

Affected software: K2 extension for Joomla (getk2.com), version constraint listed as K2 ≤ 2.26. Vulnerability: two templates render the database column __#k2_users.image directly into HTML src attributes without HTML escaping, revealing a stored-XSS risk. Root cause: lack of escaping when injecti...

CVSS 6.1 | AI score 5.8 | EPSS 0.00149
Exploits: 0 | References: 1 | Affected software: 1
Cvelist | added 2026/06/25 2:29 p.m. | 32 views

CVE-2026-57535

Content injected into PDF rendering contexts could, in many places, include HTML content including tags. If the src attribute of these images pointed to a URL, the PDF rendering engine would download the image from that place and display it, thereby leaking information about the rendering server a...

CVSS 2.1 | EPSS 0.00308
Exploits: 0 | References: 1
CVE | added 2026/06/24 5:33 a.m. | 8 views

CVE-2026-9620

CVE-2026-9620 concerns the WordPress plugin WP Latest Posts (≤ 5.0.11). It enables a Stored Cross-Site Scripting (XSS) via crafted image src attributes in post content. The root cause is insufficient output escaping in the plugin’s field() and loop() functions, which extract the raw src from img ...

CVSS 6.4 | AI score 6 | EPSS 0.00207
Exploits: 0 | References: 4
Cvelist | added 2026/06/24 5:33 a.m. | 33 views

CVE-2026-9620 WP Latest Posts <= 5.0.11 - Authenticated (Author+) Stored Cross-Site Scripting via Post Content Image src Attribute

The WP Latest Posts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via crafted image src attributes in post content in versions up to, and including, 5.0.11. This is due to insufficient output escaping in the field and loop functions, which extract the raw src attribute value...

CVSS 6.4 | EPSS 0.00207
Exploits: 0 | References: 4
Positive Technologies | added 2026/06/24 12:00 a.m. | 9 views

PT-2026-51699

Name of the vulnerable software and affected versions: WP Latest Posts versions prior to 5.0.12. Description: The plugin is subject to Stored Cross-Site Scripting due to insufficient output escaping in the field and loop functions. These functions use a regular expression to extract the raw src...

CVSS 6.4 | AI score 6 | EPSS 0.00207
Exploits: 0 | References: 9
RedhatCVE | added 2026/06/05 7:28 p.m. | 9 views

CVE-2026-4852

The Image Source Control Lite – Show Image Credits and Captions plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Image Source' attachment field in all versions up to, and including, 3.9.1 due to insufficient input sanitization and output escaping. This makes it possible...

CVSS 6.4 | AI score 5.7 | EPSS 0.00155
Exploits: 0 | References: 1
Cvelist | added 2026/05/12 7:48 a.m. | 40 views

CVE-2026-2300 BJ Lazy Load <= 1.0.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Custom HTML Block

The BJ Lazy Load plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the filterimages function in all versions up to, and including, 1.0.9. This is due to the use of regex-based HTML processing (preg_replace) that does not properly handle HTML attribute boundaries when replacing sr...

CVSS 6.4 | EPSS 0.00193
Exploits: 0 | References: 5
EUVD | added 2026/04/20 9:31 p.m. | 5 views

EUVD-2026-23974

The Image Source Control Lite – Show Image Credits and Captions plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Image Source' attachment field in all versions up to, and including, 3.9.1 due to insufficient input sanitization and output escaping. This makes it possible...

CVSS 6.4 | AI score 5.9 | EPSS 0.00155
Exploits: 0 | References: 3
NVD | added 2026/04/20 9:16 p.m. | 8 views

CVE-2026-4852

The Image Source Control Lite – Show Image Credits and Captions plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Image Source' attachment field in all versions up to, and including, 3.9.1 due to insufficient input sanitization and output escaping. This makes it possible...

CVSS 6.4 | EPSS 0.00155
Exploits: 0 | References: 2
Cvelist | added 2026/04/20 8:26 p.m. | 29 views

CVE-2026-4852 Image Source Control Lite – Show Image Credits and Captions <= 3.9.1 - Authenticated (Author+) Stored Cross-Site Scripting via 'Image Source' Field

The Image Source Control Lite – Show Image Credits and Captions plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Image Source' attachment field in all versions up to, and including, 3.9.1 due to insufficient input sanitization and output escaping. This makes it possible...

CVSS 6.4 | EPSS 0.00155
Exploits: 0 | References: 2
Vulnrichment | added 2026/04/20 8:26 p.m. | 3 views

CVE-2026-4852 Image Source Control Lite – Show Image Credits and Captions <= 3.9.1 - Authenticated (Author+) Stored Cross-Site Scripting via 'Image Source' Field

The Image Source Control Lite – Show Image Credits and Captions plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Image Source' attachment field in all versions up to, and including, 3.9.1 due to insufficient input sanitization and output escaping. This makes it possible...

CVSS 6.4 | AI score 5.9 | EPSS 0.00155
Exploits: 0 | References: 2
CVE | added 2026/04/20 8:26 p.m. | 9 views

CVE-2026-4852

The CVE-2026-4852 entry concerns the Image Source Control Lite – Show Image Credits and Captions WordPress plugin. Affected component: the Image Source attachment field. Root cause: insufficient input sanitization and output escaping. Impact: Stored Cross-Site Scripting that can be triggered when...

CVSS 6.4 | AI score 5.9 | EPSS 0.00155
Exploits: 0 | References: 2
ATTACKERKB | added 2026/04/20 8:26 p.m. | 3 views

CVE-2026-4852

The Image Source Control Lite – Show Image Credits and Captions plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Image Source' attachment field in all versions up to, and including, 3.9.1 due to insufficient input sanitization and output escaping. This makes it possible...

CVSS 6.4 | AI score 5.9 | EPSS 0.00155
Exploits: 0 | References: 3
Patchstack | added 2026/04/20 7:57 a.m. | 5 views

WordPress Image Source Control Lite – Show Image Credits and Captions plugin <= 3.9.1 - Authenticated (Author+) Stored Cross-Site Scripting vulnerability

Authenticated Author+ Stored Cross-Site Scripting vulnerability discovered by ? in WordPress Plugin Image Source Control versions <= 3.9.1...

CVSS 6.4 | AI score 5.8 | EPSS 0.00155
Exploits: 0 | References: 1 | Affected software: 1
Positive Technologies | added 2026/04/20 12:00 a.m. | 7 views

PT-2026-33849

The Image Source Control Lite – Show Image Credits and Captions plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Image Source' attachment field in all versions up to, and including, 3.9.1 due to insufficient input sanitization and output escaping. This makes it possible...

CVSS 6.4 | AI score 5.9 | EPSS 0.00155
Exploits: 0 | References: 4