36 matches found
EUVD-2025-3770
Malicious code in bioql PyPI...
EUVD-2024-45864
Malicious code in bioql PyPI...
WordPress kbucket plugin < 4.1.5 - Reflected XSS vulnerability
Reflected XSS vulnerability discovered by Bob Matyas in WordPress Plugin KBucket versions 4.1.5...
WordPress kbucket plugin < 4.1.6 - Admin+ Stored XSS vulnerability
Admin+ Stored XSS vulnerability discovered by Vuln Seeker Cybersecurity Team in WordPress Plugin KBucket versions 4.1.6...
CVE-2024-6665
The KBucket: Your Curated Content in WordPress plugin before 4.1.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite...
CVE-2024-6667
The KBucket: Your Curated Content in WordPress plugin before 4.1.5 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against admin...
CVE-2024-6667
The KBucket: Your Curated Content in WordPress plugin before 4.1.5 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against admin...
CVE-2024-6665
The KBucket: Your Curated Content in WordPress plugin before 4.1.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite...
CVE-2024-6665
The KBucket: Your Curated Content in WordPress plugin before 4.1.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite...
CVE-2024-6667
The KBucket: Your Curated Content in WordPress plugin before 4.1.5 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against admin...
CVE-2024-6667 kbucket < 4.1.5 - Reflected XSS
The KBucket: Your Curated Content in WordPress plugin before 4.1.5 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against admin...
CVE-2024-6667
The CVE-2024-6667 entry concerns the WordPress plugin KBucket: Your Curated Content in WordPress. It states that versions prior to 4.1.5 do not sanitise or escape a parameter before outputting it on the page, leading to a Reflected XSS that could target admins. The CVSS v3.1 base score is 6.1 (Me...
CVE-2024-6667 kbucket < 4.1.5 - Reflected XSS
The KBucket: Your Curated Content in WordPress plugin before 4.1.5 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against admin...
CVE-2024-6665
The CVE-2024-6665 entry concerns the KBucket WordPress plugin (pre-4.1.6) with insufficient sanitization/escaping of certain settings, enabling Stored XSS by high-privilege users (e.g., admins) even when unfiltered_html is disallowed (such as in multisite). Public sources identify the affected co...
CVE-2024-6665 kbucket < 4.1.6 - Admin+ Stored XSS
The KBucket: Your Curated Content in WordPress plugin before 4.1.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite...
CVE-2024-6665 kbucket < 4.1.6 - Admin+ Stored XSS
The KBucket: Your Curated Content in WordPress plugin before 4.1.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite...
PT-2025-21486 · WordPress · The Kbucket: Your Curated Content
Name of the Vulnerable Software and Affected Versions: The KBucket: Your Curated Content in WordPress plugin versions prior to 4.1.5 Description: The issue is related to a Reflected Cross-Site Scripting problem. It occurs because a parameter is not properly sanitised and escaped before being...
WordPress plugin KBucket 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...
WordPress plugin KBucket 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...
PT-2025-21485 · WordPress · The Kbucket: Your Curated Content
Name of the Vulnerable Software and Affected Versions: The KBucket: Your Curated Content in WordPress plugin versions prior to 4.1.6 Description: The issue concerns the lack of sanitization and escaping of certain settings in the plugin, which could allow high-privilege users, such as admins, to...