Lucene search
K

141 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.26 views

EUVD-2023-29876

Malicious code in bioql PyPI...

8.8CVSS9AI score0.00378EPSS
Exploits0References10
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-36914

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.00359EPSS
Exploits0References1
NVD
NVD
added 2025/10/03 12:15 p.m.5 views

CVE-2025-9206

The Meks Easy Maps plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the post title field in all version up to, and including, 2.1.4. This is due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

6.4CVSS0.00225EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/10/03 11:17 a.m.3 views

CVE-2025-9206 Meks Easy Maps <= 2.1.4 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Meks Easy Maps plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the post title field in all version up to, and including, 2.1.4. This is due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

6.4CVSS5AI score0.00225EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/10/03 11:17 a.m.10 views

CVE-2025-9206 Meks Easy Maps <= 2.1.4 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Meks Easy Maps plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the post title field in all version up to, and including, 2.1.4. This is due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

6.4CVSS0.00225EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/10/03 12:0 a.m.8 views

WordPress plugin Meks Easy Maps 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...

6.4CVSS5.8AI score0.00225EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/10/03 12:0 a.m.4 views

PT-2025-40489

Name of the Vulnerable Software and Affected Versions Meks Easy Maps plugin for WordPress versions through 2.1.4 Description The software is susceptible to Stored Cross-Site Scripting through the post title field. This is caused by inadequate input sanitization and output escaping of user-provide...

6.4CVSS5.6AI score0.00225EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/06/19 3:21 p.m.11 views

CVE-2025-49855

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Meks Meks Flexible Shortcodes meks-flexible-shortcodes allows DOM-Based XSS.This issue affects Meks Flexible Shortcodes: from n/a through = 1.3.7...

6.5CVSS5.9AI score0.00156EPSS
Exploits0References1
NVD
NVD
added 2025/06/17 3:15 p.m.4 views

CVE-2025-49855

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Meks Meks Flexible Shortcodes meks-flexible-shortcodes allows DOM-Based XSS.This issue affects Meks Flexible Shortcodes: from n/a through = 1.3.7...

6.5CVSS0.00156EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/06/17 3:1 p.m.4 views

CVE-2025-49855 WordPress Meks Flexible Shortcodes plugin <= 1.3.7 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Meks Meks Flexible Shortcodes allows DOM-Based XSS. This issue affects Meks Flexible Shortcodes: from n/a through 1.3.7...

6.5CVSS6.5AI score0.00156EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/06/17 3:1 p.m.10 views

CVE-2025-49855 WordPress Meks Flexible Shortcodes plugin <= 1.3.7 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Meks Meks Flexible Shortcodes meks-flexible-shortcodes allows DOM-Based XSS.This issue affects Meks Flexible Shortcodes: from n/a through = 1.3.7...

6.5CVSS0.00156EPSS
Exploits0References1
CVE
CVE
added 2025/06/17 3:1 p.m.16 views

CVE-2025-49855

CVE-2025-49855 affects the WordPress plugin Meks Flexible Shortcodes (versions from unknown up to and including 1.3.7). The issue is an DOM-based Cross-Site Scripting (XSS) vulnerability resulting from improper input neutralization during web page generation. Public references confirm the vulnera...

6.5CVSS5.9AI score0.00156EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/06/17 12:0 a.m.5 views

PT-2025-25716 · Unknown · Meks Flexible Shortcodes

Name of the Vulnerable Software and Affected Versions: Meks Flexible Shortcodes versions 1.3.7 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows DOM-Based XSS. This means that an attacker...

6.5CVSS6.2AI score0.00156EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/06/17 12:0 a.m.3 views

WordPress plugin Meks Flexible Shortcodes 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in...

6.5CVSS6AI score0.00156EPSS
Exploits0References3
Patchstack
Patchstack
added 2025/06/12 4:54 p.m.8 views

WordPress Meks Flexible Shortcodes plugin <= 1.3.7 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by Peter Thaleikis in WordPress Plugin Meks Flexible Shortcodes versions = 1.3.7...

6.5CVSS6AI score0.00156EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/23 9:31 a.m.8 views

CVE-2024-0664

The Meks Smart Social Widget plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Meks Smart Social Widget in all versions up to, and including, 1.6.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

4.8CVSS5.8AI score0.00304EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 8:1 a.m.12 views

CVE-2024-6599

The Meks Video Importer plugin for WordPress is vulnerable to unauthorized API key modification due to a missing capability check on the ajaxsavesettings function in all versions up to, and including, 1.0.12. This makes it possible for authenticated attackers, with Subscriber-level access and...

4.3CVSS5.8AI score0.00325EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:57 a.m.9 views

CVE-2024-33694

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Meks Meks ThemeForest Smart Widget allows Stored XSS.This issue affects Meks ThemeForest Smart Widget: from n/a through 1.5...

5.9CVSS6.7AI score0.00338EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:56 a.m.11 views

CVE-2024-33693

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Meks Meks Smart Social Widget allows Stored XSS.This issue affects Meks Smart Social Widget: from n/a through 1.6.4...

5.9CVSS5.2AI score0.00341EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:44 a.m.4 views

CVE-2024-37548

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Meks Meks Easy Ads Widget allows Stored XSS.This issue affects Meks Easy Ads Widget: from n/a through 2.0.8...

5.9CVSS6.8AI score0.00274EPSS
Exploits0
Rows per page
Query Builder