6271 matches found
CVE-2026-1453
creationtimestamp| type| source ---|---|--- 2026-01-29 11:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-26-029-01 2026-01-29 19:47:18+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mdlkjvo5qe2x 2026-01-29 19:47:43+00:00| seen|...
CVE-2026-24856
creationtimestamp| type| source ---|---|--- 2026-01-28 22:00:07+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mdjbii6hqi2g 2026-01-28 23:39:31+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mdjh2abwr523...
CVE-2025-33220
creationtimestamp| type| source ---|---|--- 2026-01-28 19:04:12+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mdixnwum772x 2026-01-28 19:29:56+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mdiz3xht6v2m...
CVE-2025-40553
creationtimestamp| type| source ---|---|--- 2026-01-28 10:09:07+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mdhzr4zsua2r 2026-01-28 10:15:24+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mdi24e3bsr2x 2026-01-28 13:21:55+00:00| seen|...
CVE-2026-24836
creationtimestamp| type| source ---|---|--- 2026-01-28 00:52:20+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mdh2nj27qg2m 2026-01-28 01:41:36+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mdh5fn33kj2c...
CVE-2026-24833
creationtimestamp| type| source ---|---|--- 2026-01-28 00:46:59+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mdh2dx3cge2v 2026-01-28 00:47:28+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mdh2esty4d23 2026-01-28 01:38:16+00:00| seen|...
CVE-2026-24770
creationtimestamp| type| source ---|---|--- 2026-01-27 23:02:20+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mdguitgkzk23 2026-01-27 23:02:49+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mdgujpao542o...
CVE-2026-24765
creationtimestamp| type| source ---|---|--- 2026-01-27 23:02:13+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mdguimbyxo2a 2026-01-27 23:02:42+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mdgujhxatw27 2026-01-29 05:06:32+00:00| seen|...
CVE-2026-24747
creationtimestamp| type| source ---|---|--- 2026-01-27 23:02:06+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mdguifixce25 2026-01-27 23:02:34+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mdgujasel22x...
CVE-2025-58150
creationtimestamp| type| source ---|---|--- 2026-01-27 11:03:01+00:00| seen| https://seclists.org/oss-sec/2026/q1/117 2026-01-27 12:42:16+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3mdfru2qhmm2b 2026-01-27 13:41:11+00:00| seen|...
CVE-2026-23864
creationtimestamp| type| source ---|---|--- 2026-01-26 19:51:27+00:00| seen| https://bsky.app/profile/jviide.iki.fi/post/3mddzei5nh22t 2026-01-26 19:54:19+00:00| seen| https://bsky.app/profile/jviide.iki.fi/post/3mddzjn4yvk2t 2026-01-26 20:14:04+00:00| seen|...
CVE-2025-53086
creationtimestamp| type| source ---|---|--- 2026-01-26 16:57:24+00:00| seen| https://bsky.app/profile/ferramentaslinux.bsky.social/post/3mddpnbfrlk23 2026-01-26 16:58:37+00:00| seen| https://bsky.app/profile/ferramentaslinux.bsky.social/post/3mddppcmotk23...
WordPress User Submitted Posts - Enable Users to Submit Posts from the Front End plugin <= 20251210 - Unauthenticated Stored Cross-Site Scripting via Custom Field vulnerability
WordPress User Submitted Posts - Enable Users to Submit Posts from the Front End plugin = 20251210 - Unauthenticated Stored Cross-Site Scripting via Custom Field vulnerability discovered by Balamurugan R in WordPress Plugin User Submitted Posts versions = 20251210...
CVE-2025-6461
The CubeWP – All-in-One Dynamic Content Framework plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.1.27 via the search feature in class-cubewp-search-ajax-hooks.php due to insufficient restrictions on which posts can be included. This makes it...
CVE-2025-14797
The Same Category Posts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the widget title placeholder functionality in all versions up to, and including, 1.1.19. This is due to the use of htmlspecialcharsdecode on taxonomy term names before output, which decodes HTML entities...
CVE-2025-14907
The Moderate Selected Posts plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.4. This is due to missing nonce verification on the mspadminpage function. This makes it possible for unauthenticated attackers to modify plugin settings via a forg...
CVE-2026-0800
The User Submitted Posts – Enable Users to Submit Posts from the Front End plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the custom fields in all versions up to, and including, 20251210 due to insufficient input sanitization and output escaping. This makes it possible for...
CVE-2025-6461
The CubeWP – All-in-One Dynamic Content Framework plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.1.27 via the search feature in class-cubewp-search-ajax-hooks.php due to insufficient restrictions on which posts can be included. This makes it...
CVE-2025-6461
CVE-2025-6461 affects the CubeWP Framework (WordPress) and is due to Information Exposure via the search functionality in class-cubewp-search-ajax-hooks.php. It applies to all versions up to and including 1.1.27, enabling unauthenticated attackers to retrieve data from password-protected, private...
CVE-2025-6461 CubeWP – All-in-One Dynamic Content Framework <= 1.1.27 - Unauthenticated Post Disclosure in class-cubewp-search-ajax-hooks.php
The CubeWP – All-in-One Dynamic Content Framework plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.1.27 via the search feature in class-cubewp-search-ajax-hooks.php due to insufficient restrictions on which posts can be included. This makes it...