Lucene search
K

92 matches found

Github Security Blog
Github Security Blog
added 2025/09/29 4:29 p.m.12 views

mkdocs-include-markdown-plugin susceptible to unvalidated input colliding with substitution placeholders

Impact CWE-20: Improper Input Validation Low impact Patches Patched in v7.1.8 commit https://github.com/mondeja/mkdocs-include-markdown-plugin/commit/7466d67aa0de8ffbc427204ad2475fed07678915 Workarounds No...

6.5CVSS6.9AI score0.00318EPSS
Exploits0References6Affected Software1
CNNVD
CNNVD
added 2025/09/29 12:0 a.m.3 views

mkdocs-include-markdown-plugin 输入验证错误漏洞

mkdocs-include-markdown-plugin is a Markdown file processor by the individual developer Álvaro Mondéjar Rubio. An input validation error vulnerability exists in mkdocs-include-markdown-plugin version 7.1.7 and earlier, which stems from unvalidated input that may conflict with substitution...

6.5CVSS6.5AI score0.00318EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/09/24 6:34 a.m.12 views

CVE-2025-9540

The Markup Markdown WordPress plugin before 3.20.10 allows links to contain JavaScript which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

4.7CVSS5.6AI score0.00215EPSS
Exploits0References1
NVD
NVD
added 2025/09/22 6:15 a.m.33 views

CVE-2025-9541

The Markup Markdown WordPress plugin before 3.20.10 allows links to contain JavaScript which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

4.7CVSS0.00215EPSS
Exploits0References1
NVD
NVD
added 2025/09/22 6:15 a.m.5 views

CVE-2025-9540

The Markup Markdown WordPress plugin before 3.20.10 allows links to contain JavaScript which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

4.7CVSS0.00215EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/09/22 6:0 a.m.31 views

CVE-2025-9541 Markup Markdown < 3.20.10 - Contributor+ Stored XSS

The Markup Markdown WordPress plugin before 3.20.10 allows links to contain JavaScript which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

0.00215EPSS
Exploits0References1
CVE
CVE
added 2025/09/22 6:0 a.m.28 views

CVE-2025-9541

CVE-2025-9541 affects the WordPress plugin Markup Markdown (versions before 3.20.10). The issue allows JavaScript in links, enabling Stored XSS for users with contributor role and above. Patchstack/Red Hat/NVD entries confirm the vulnerability and an update to 3.20.10 as the fix; apply the 3.20.1...

4.7CVSS5.2AI score0.00215EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/09/22 6:0 a.m.10 views

CVE-2025-9540 Markup Markdown < 3.20.10 - Contributor+ Stored XSS

The Markup Markdown WordPress plugin before 3.20.10 allows links to contain JavaScript which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

0.00215EPSS
Exploits0References1
OSV
OSV
added 2025/09/05 5:10 p.m.3 views

MAL-2025-45588 Malicious code in prettier-plugin-markdown-sadr-loop-decoherence (npm)

The package prettier-plugin-markdown-sadr-loop-decoherence was found to contain malicious code...

7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/09/05 5:10 p.m.4 views

Malicious code in prettier-plugin-markdown-europa-spawn-csv (npm)

The package prettier-plugin-markdown-europa-spawn-csv was found to contain malicious code...

7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/09/05 5:10 p.m.3 views

Malicious code in prettier-plugin-markdown-global-algol-taphonomy (npm)

The package prettier-plugin-markdown-global-algol-taphonomy was found to contain malicious code...

7AI score
Exploits0
OSV
OSV
added 2025/09/05 5:10 p.m.2 views

MAL-2025-45586 Malicious code in prettier-plugin-markdown-global-algol-taphonomy (npm)

The package prettier-plugin-markdown-global-algol-taphonomy was found to contain malicious code...

7AI score
Exploits0
OSV
OSV
added 2025/09/05 5:10 p.m.5 views

MAL-2025-43755 Malicious code in chai-prettier-plugin-markdown-weywot-ichnology (npm)

The package chai-prettier-plugin-markdown-weywot-ichnology was found to contain malicious code...

7AI score
Exploits0
Patchstack
Patchstack
added 2025/08/19 4:15 a.m.14 views

WordPress Markup Markdown plugin <= 3.20.6 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by JeonKim in WordPress Plugin Markup Markdown versions = 3.20.6...

6.5CVSS5.9AI score0.00219EPSS
Exploits0Affected Software1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.2 views

Malicious code in speleology-puppeteer-optimize-css-assets-webpack-plugin-prettier-plugin-markdown (npm)

The package speleology-puppeteer-optimize-css-assets-webpack-plugin-prettier-plugin-markdown was found to contain malicious code...

7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.2 views

Malicious code in xerxes-prettier-plugin-markdown-airbnb-resolvers (npm)

The package xerxes-prettier-plugin-markdown-airbnb-resolvers was found to contain malicious code...

7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.4 views

Malicious code in australis-nightwatch-prettier-plugin-markdown-tectonophysics (npm)

The package australis-nightwatch-prettier-plugin-markdown-tectonophysics was found to contain malicious code...

7AI score
Exploits0
OSV
OSV
added 2025/08/14 6:52 p.m.1 views

MAL-2025-39757 Malicious code in xerxes-prettier-plugin-markdown-airbnb-resolvers (npm)

The package xerxes-prettier-plugin-markdown-airbnb-resolvers was found to contain malicious code...

7.2AI score
Exploits0
OSV
OSV
added 2025/08/14 6:52 p.m.1 views

MAL-2025-27682 Malicious code in nodejs-prettier-plugin-markdown-terraforming-websockets (npm)

The package nodejs-prettier-plugin-markdown-terraforming-websockets was found to contain malicious code...

7.2AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.4 views

Malicious code in rollup-development-vega-prettier-plugin-markdown (npm)

The package rollup-development-vega-prettier-plugin-markdown was found to contain malicious code...

7AI score
Exploits0
Rows per page
Query Builder