Lucene search
K

91 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2024-30356

Malicious code in bioql PyPI...

6.5CVSS6.4AI score0.00312EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 10:17 a.m.9 views

CVE-2024-32554

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Knight Lab Knight Lab Timeline allows Stored XSS.This issue affects Knight Lab Timeline: from n/a through 3.9.3.4...

6.5CVSS5.2AI score0.00312EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:21 a.m.8 views

CVE-2024-2287

The Knight Lab Timeline plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in all versions up to, and including, 3.9.3.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

6.4CVSS5.8AI score0.00353EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2025/02/14 10:17 a.m.43 views

RansomHub Becomes 2024's Top Ransomware Group, Hitting 600+ Organizations Globally

The threat actors behind the RansomHub ransomware-as-a-service RaaS scheme have been observed leveraging now-patched security flaws in Microsoft Active Directory and the Netlogon protocol to escalate privileges and gain unauthorized access to a victim network's domain controller as part of their...

10CVSS8AI score0.99999EPSS
Exploits133
OSV
OSV
added 2024/06/25 12:55 p.m.10 views

MAL-2024-2860 Malicious code in pelisplus-repelis-ver-detective-knight-independence-peliculas-completa-en-espanol (npm)

--- -= Per source details. Do not edit below this line.=-...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2024/06/05 10:10 a.m.13 views

Rebranded Knight Ransomware Targeting Healthcare and Businesses Worldwide

An analysis of a nascent ransomware strain called RansomHub has revealed it to be an updated and rebranded version of Knight ransomware, itself an evolution of another ransomware known as Cyclops. Knight aka Cyclops 2.0 ransomware first arrived in May 2023, employing double extortion tactics to...

7.8AI score
Exploits0
NVD
NVD
added 2024/04/18 10:15 a.m.9 views

CVE-2024-32554

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Knight Lab Knight Lab Timeline allows Stored XSS.This issue affects Knight Lab Timeline: from n/a through 3.9.3.4...

6.5CVSS6.4AI score0.00312EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/04/18 10:11 a.m.20 views

CVE-2024-32554 WordPress Knight Lab Timeline plugin <= 3.9.3.4 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Knight Lab Knight Lab Timeline allows Stored XSS.This issue affects Knight Lab Timeline: from n/a through 3.9.3.4...

6.5CVSS6.6AI score0.00312EPSS
Exploits0References1
CVE
CVE
added 2024/04/18 10:11 a.m.60 views

CVE-2024-32554

CVE-2024-32554: Knight Lab Timeline plugin for WordPress is affected by Stored XSS due to improper neutralization of input during web page generation. Affected versions include Knight Lab Timeline up to 3.9.3.4. The vulnerability is currently listed as Unpatched in the provided sources; no fix/ve...

6.5CVSS5.2AI score0.00312EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/04/18 10:11 a.m.10 views

CVE-2024-32554 WordPress Knight Lab Timeline plugin <= 3.9.3.4 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Knight Lab Knight Lab Timeline allows Stored XSS.This issue affects Knight Lab Timeline: from n/a through 3.9.3.4...

6.5CVSS6.7AI score0.00312EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/04/18 12:0 a.m.4 views

PT-2024-24675 · Knight · Knight Lab Timeline

Name of the Vulnerable Software and Affected Versions: Knight Lab Timeline versions 3.9.3.4 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting. This allows for Stored XSS attacks. Recommendations: For...

6.5CVSS5.6AI score0.00312EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/04/18 12:0 a.m.3 views

WordPress Plugin Knight Lab Timeline 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A cross-site scripting vulnerability exists in WordPress...

6.5CVSS5.9AI score0.00312EPSS
Exploits0References2
Patchstack
Patchstack
added 2024/04/16 6:33 a.m.6 views

WordPress Knight Lab Timeline plugin <=3.9.3.4 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by LVT-tholv2k Patchstack Alliance in WordPress Plugin Knight Lab Timeline versions = 3.9.3.4...

6.5CVSS6.1AI score0.00312EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/04/16 12:0 a.m.10 views

WordPress Knight Lab Timeline Plugin <=3.9.3.4 is vulnerable to Cross Site Scripting (XSS)

Software Knight Lab Timeline Type Plugin Vulnerable versions =3.9.3.4 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-32554 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID e1498a16164e Credits LVT-tholv2k Required privilege...

6.5CVSS6.6AI score0.00312EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/04/09 6:59 p.m.17 views

CVE-2024-2287 Knight Lab Timeline <= 3.9.3.3 - Authenticated(Contributor+) Stored Cross-Site Scripting via Shortcode

The Knight Lab Timeline plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in all versions up to, and including, 3.9.3.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

6.4CVSS5.8AI score0.00353EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/04/09 12:0 a.m.9 views

WordPress Plugin Knight Lab Timeline 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

6.4CVSS7.7AI score0.00353EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/04/09 12:0 a.m.5 views

PT-2024-19592 · WordPress · Knight Lab Timeline

Name of the Vulnerable Software and Affected Versions: Knight Lab Timeline plugin for WordPress versions up to, and including, 3.9.3.3 Description: The issue is related to Stored Cross-Site Scripting due to insufficient input sanitization and output escaping on user-supplied attributes in the...

6.4CVSS7.9AI score0.00353EPSS
Exploits0References4
Patchstack
Patchstack
added 2024/03/18 12:0 a.m.16 views

WordPress Knight Lab Timeline Plugin <= 3.9.3.3 is vulnerable to Cross Site Scripting (XSS)

Software Knight Lab Timeline Type Plugin Vulnerable versions = 3.9.3.3 Fixed in 3.9.3.4 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-2287 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID a18014776421 Credits Tien Luong...

6.4CVSS5.8AI score0.00353EPSS
Exploits0References2Affected Software1
WPVulnDB
WPVulnDB
added 2024/03/15 12:0 a.m.13 views

Knight Lab Timeline < 3.9.3.4 - Authenticated(Contributor+) Stored Cross-Site Scripting via Shortcode

Description The Knight Lab Timeline plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in all versions up to, and including, 3.9.3.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

6.4CVSS5.9AI score0.00353EPSS
Exploits0References1Affected Software1
hivepro
hivepro
added 2023/10/09 11:41 a.m.24 views

QakBot Resurges Latest Strikes with Ransom Knight and Remcos RAT

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary The QakBot malware has been associated with a persistent phishing campaign since the beginning of August 2023, leading to the deployment of both the Ransom Knight ransomware and the Remcos RAT. To receiv...

6.9AI score
Exploits0
Rows per page
Query Builder