Lucene search
K

13 matches found

CNNVD
CNNVD
added 2026/05/20 12:0 a.m.8 views

WordPress plugin TypeSquare Webfonts for ConoHa 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...

4.3CVSS5.7AI score0.00294EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2014-1161

Malware in sbrugna...

9.1CVSS9.3AI score0.02503EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2021-11628

Malware in sbrugna...

5.4CVSS5.4AI score0.00629EPSS
Exploits2References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.10 views

EUVD-2023-24070

Malicious code in bioql PyPI...

6.5CVSS6.7AI score0.00615EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/06/02 11:47 a.m.7 views

CVE-2025-4691

The Free Booking Plugin for Hotels, Restaurants and Car Rentals – eaSYNC Booking plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.3.21 via the 'viewrequestdetails' due to missing validation on a user controlled key. This makes it...

5.3CVSS6.7AI score0.00279EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 10:40 a.m.5 views

CVE-2024-7963

The CMSMasters Content Composer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's multiple shortcodes in all versions up to, and including, 1.8.8 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

6.4CVSS5.8AI score0.00266EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/03/31 2:0 p.m.4 views

WordPress Uptime Robot Plugin for WordPress plugin <= 2.3 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by muhammad yudha in WordPress Plugin Uptime Robot Plugin for WordPress versions = 2.3...

6.5CVSS6.1AI score0.00221EPSS
Exploits0Affected Software1
CVE
CVE
added 2024/12/13 9:27 a.m.54 views

CVE-2024-11012

CVE-2024-11012 (Notibar – Notification Bar for WordPress) is a vulnerability in the Notibar WordPress plugin where an authenticated user with Subscriber+ privileges can trigger arbitrary shortcode execution through the njt_nofi_text AJAX action. The root cause is lack of proper validation before ...

6.3CVSS6.4AI score0.00465EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2024/09/12 6:0 a.m.11 views

CVE-2024-5799 CM Pop-Up Banners for WordPress < 1.7.3 - Contributor+ Stored XSS

The CM Pop-Up Banners for WordPress plugin before 1.7.3 does not sanitise and escape some of its popup fields, which could allow high privilege users such as Contributors to perform Cross-Site Scripting attacks...

4.9AI score0.00312EPSS
Exploits1References1
Cvelist
Cvelist
added 2019/08/27 11:45 a.m.18 views

CVE-2019-15649

The insert-or-embed-articulate-content-into-wordpress plugin before 4.2999 for WordPress has insufficient restrictions on file upload...

8.8AI score0.01668EPSS
Exploits0References2
WPVulnDB
WPVulnDB
added 2015/01/10 9:26 p.m.8 views

slideoptinprox - XSS

The slideoptinprox WordPress plugin was affected by a XSS security vulnerability...

2.2AI score
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2014/08/01 10:58 a.m.18 views

paypal-digital-goods-monetization-powered-by-cleeng <= 2.2.13 - XSS in ZeroClipboard

The paypal-digital-goods-monetization-powered-by-cleeng WordPress plugin was affected by a XSS in ZeroClipboard security vulnerability...

4.3CVSS1.8AI score0.06316EPSS
Exploits4References2Affected Software1
WPVulnDB
WPVulnDB
added 2014/08/01 10:58 a.m.11 views

RokBox <= 2.13 - rokbox.php Direct Request Path Disclosure

The wprokbox WordPress plugin was affected by a rokbox.php Direct Request Path Disclosure security vulnerability...

1.5AI score
Exploits0References3Affected Software1
Rows per page
Query Builder