Lucene search
K

70 matches found

Cvelist
Cvelist
added 4 days ago21 views

CVE-2026-14128

Inappropriate implementation in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted HTML page. Chromium security severity: Low...

0.00179EPSS
Exploits0References2
OSV
OSV
added 2025/10/14 9:29 a.m.20 views

BIT-PYTHON-MIN-2024-5642 Buffer overread when using an empty list with SSLContext.set_npn_protocols()

CPython 3.9 and earlier doesn't disallow configuring an empty list "" for SSLContext.setnpnprotocols which is an invalid value for the underlying OpenSSL API. This results in a buffer over-read when NPN is used see CVE-2024-5535 for OpenSSL. This vulnerability is of low severity due to NPN being...

9.1CVSS7.3AI score0.05582EPSS
Exploits1References9
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-1332

Malicious code in bioql PyPI...

3.9CVSS4.8AI score0.00189EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.0 views

EUVD-2023-24024

Malicious code in bioql PyPI...

6.5CVSS8.1AI score0.0092EPSS
Exploits0References6
OSV
OSV
added 2025/09/25 8:55 a.m.1 views

BIT-WORDPRESS-MULTISITE-2025-58246 WordPress <= 6.8.2 - (Contributor+) Sensitive Data Exposure Vulnerability

Insertion of Sensitive Information Into Sent Data vulnerability in WordPress allows Retrieve Embedded Sensitive Data. The WordPress Core security team is aware of the issue and is already working on a fix. This is a low-severity vulnerability. Contributor-level privileges required in order to...

4.3CVSS5.3AI score0.0025EPSS
Exploits0References4
Patchstack
Patchstack
added 2025/09/22 6:57 p.m.5 views

WordPress Content Mask plugin <= 1.8.5.3 - Insecure Direct Object References (IDOR) vulnerability

Insecure Direct Object References IDOR vulnerability discovered by Nabil Irawan in WordPress Plugin Content Mask versions = 1.8.5.3...

3.8CVSS6.8AI score0.00314EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/09/11 1:32 a.m.6 views

WordPress Certifica WP plugin <= 3.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via evento Parameter vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via evento Parameter vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin Certifica WP versions = 3.1...

6.4CVSS5.6AI score0.00271EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/08/20 5:46 a.m.3 views

WordPress rajce plugin <= 0.4.2 - Server Side Request Forgery (SSRF) vulnerability

Server Side Request Forgery SSRF vulnerability discovered by Nabil Irawan Patchstack Alliance in WordPress Plugin rajce versions = 0.4.2...

4.9CVSS6.8AI score0.00172EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/08/19 4:27 a.m.7 views

WordPress Page Transition plugin <= 1.3 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Nabil Irawan Patchstack Alliance in WordPress Plugin Page Transition versions = 1.3...

5.9CVSS5.6AI score0.00223EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/08/15 11:38 p.m.5 views

WordPress Embed Bokun plugin <= 0.23 - Authenticated (Contributor+) Stored Cross-Site Scripting via align Parameter vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via align Parameter vulnerability discovered by Peter Thaleikis in WordPress Plugin Embed Bokun versions = 0.23...

6.4CVSS5.5AI score0.00231EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/08/14 11:11 p.m.8 views

WordPress Radius Blocks plugin <= 2.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via subHeadingTagName Parameter vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via subHeadingTagName Parameter vulnerability discovered by Peter Thaleikis in WordPress Plugin Radius Blocks versions = 2.2.1...

6.4CVSS5.5AI score0.00222EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2025/08/11 10:1 p.m.4 views

WordPress Mosaic Generator plugin <= 1.0.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'c' Parameter vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via 'c' Parameter vulnerability discovered by muhammad yudha in WordPress Plugin Mosaic Generator versions = 1.0.5...

6.4CVSS5.5AI score0.00194EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2025/08/11 1:52 p.m.4 views

BIT-LIBPYTHON-2024-7592 Quadratic complexity parsing cookies with backslashes

There is a LOW severity vulnerability affecting CPython, specifically the 'http.cookies' standard library module. When parsing cookies that contained backslashes for quoted characters in the cookie value, the parser would use an algorithm with quadratic complexity, resulting in excess CPU resourc...

7.5CVSS7.2AI score0.02303EPSS
Exploits1References13
Patchstack
Patchstack
added 2025/07/31 9:51 p.m.4 views

WordPress NinjaScanner plugin <= 3.2.5 - Authenticated (Administrator+) Arbitrary File Deletion vulnerability

Authenticated Administrator+ Arbitrary File Deletion vulnerability discovered by Jonas Benjamin Friedli in WordPress Plugin NinjaScanner versions = 3.2.5...

7.2CVSS6.8AI score0.00507EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/07/21 1:58 a.m.9 views

WordPress Gutentor plugin <= 3.4.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Multiple Widgets vulnerability discovered by Webbernaut in WordPress Plugin Gutentor versions = 3.4.8...

6.4CVSS5.5AI score0.00221EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/07/18 4:14 a.m.6 views

WordPress Useful Tab Block plugin <= 1.3.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via className Parameter vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via className Parameter vulnerability discovered by Peter Thaleikis in WordPress Plugin Useful Tab Block versions = 1.3.2...

6.4CVSS5.5AI score0.00218EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/07/18 4:12 a.m.11 views

WordPress Listly plugin <= 2.7 - Unauthenticated Arbitrary Transient Deletion vulnerability

Unauthenticated Arbitrary Transient Deletion vulnerability discovered by ch4r0n in WordPress Plugin Listly versions = 2.7...

5.3CVSS6.8AI score0.00273EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/07/16 12:23 p.m.6 views

WordPress Residential Address Detection plugin <= 2.5.9 - Broken Access Control Vulnerability

Broken Access Control Vulnerability discovered by Martino Spagnuolo r3verii in WordPress Plugin Residential Address Detection versions = 2.5.9...

5.3CVSS6.6AI score0.00265EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/07/04 10:23 a.m.7 views

WordPress fluXtore plugin <= 1.6.0 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Martino Spagnuolo r3verii in WordPress Plugin fluXtore versions = 1.6.0...

5.3CVSS6.8AI score0.00211EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/06/27 2:56 p.m.5 views

WordPress WP DB Booster plugin <= 1.0.1 - Broken Access Control Vulnerability

Broken Access Control Vulnerability discovered by theviper17 in WordPress Plugin WP DB Booster versions = 1.0.1...

5.4CVSS6.7AI score0.00216EPSS
Exploits0Affected Software1
Rows per page
Query Builder