Lucene search
K

6272 matches found

Patchstack
Patchstack
added 2026/01/24 6:16 a.m.9 views

WordPress Moderate Selected Posts plugin <= 1.4 - Cross-Site Request Forgery to Plugin Settings Update vulnerability

Cross-Site Request Forgery to Plugin Settings Update vulnerability discovered by afnaan - SMKN 1 Bantul in WordPress Plugin Moderate Selected Posts versions = 1.4...

4.3CVSS5.5AI score0.00107EPSS
Exploits0References1Affected Software1
Circl
Circl
added 2026/01/24 1:20 a.m.4 views

CVE-2026-24406

creationtimestamp| type| source ---|---|--- 2026-01-24 01:20:48+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3md52eqfvb52m 2026-01-24 01:20:58+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3md52ezqg6323 2026-01-24 01:33:59+00:00| seen|...

8.8CVSS5AI score0.00524EPSS
Exploits1References5
Patchstack
Patchstack
added 2026/01/24 12:17 a.m.11 views

WordPress Same Category Posts plugin <= 1.1.19 - Authenticated (Author+) Stored Cross-Site Scripting via Widget Title Placeholder vulnerability

Authenticated Author+ Stored Cross-Site Scripting via Widget Title Placeholder vulnerability discovered by Athiwat Tiprasaharn Jitlada in WordPress Plugin Same Category Posts versions = 1.1.19...

5.4CVSS5.4AI score0.00214EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2026/01/24 12:0 a.m.4 views

WordPress plugin User Submitted Posts cross-site scripting vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

7.2CVSS5.7AI score0.00213EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/01/24 12:0 a.m.7 views

PT-2026-4570

The Same Category Posts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the widget title placeholder functionality in all versions up to, and including, 1.1.19. This is due to the use of htmlspecialchars decode on taxonomy term names before output, which decodes HTML entitie...

5.4CVSS5.8AI score0.00214EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/01/24 12:0 a.m.5 views

WordPress plugin "Same Category Posts" – Cross-site scripting vulnerabilities

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. Versions...

5.4CVSS5.7AI score0.00214EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/01/24 12:0 a.m.5 views

WordPress plugin: “Moderate Selected Posts” – Cross-Site Request Forgery vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. Versions...

4.3CVSS5.7AI score0.00107EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/01/23 9:18 p.m.10 views

CVE-2025-52762

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in flexostudio flexo-posts-manager flexo-posts-manager allows Reflected XSS.This issue affects flexo-posts-manager: from n/a through = 1.0001...

7.1CVSS5.4AI score0.00263EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/23 9:17 p.m.6 views

CVE-2025-69316

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in RealMag777 TableOn posts-table-filterable allows Reflected XSS.This issue affects TableOn: from n/a through = 1.0.4.2...

7.1CVSS5.4AI score0.00175EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/23 9:15 p.m.8 views

CVE-2026-22347

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in subhansanjaya Carousel Horizontal Posts Content Slider carousel-horizontal-posts-content-slider allows DOM-Based XSS.This issue affects Carousel Horizontal Posts Content Slider: from n/a through =...

6.5CVSS5.4AI score0.00161EPSS
Exploits0References1
Circl
Circl
added 2026/01/23 8:25 p.m.7 views

CVE-2025-70985

creationtimestamp| type| source ---|---|--- 2026-01-23 20:25:04+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3md4jtv5his2r 2026-01-23 20:25:30+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3md4jup2stb27 2026-01-23 23:46:16+00:00| seen|...

9.1CVSS5AI score0.00382EPSS
Exploits1References3
Circl
Circl
added 2026/01/23 8:24 p.m.5 views

CVE-2025-70983

creationtimestamp| type| source ---|---|--- 2026-01-23 20:24:55+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3md4jto57n42o 2026-01-23 20:25:22+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3md4juhhgi22r 2026-01-23 23:21:56+00:00| seen|...

9.9CVSS5AI score0.00376EPSS
Exploits0References3
Circl
Circl
added 2026/01/23 8:24 p.m.5 views

CVE-2025-70986

creationtimestamp| type| source ---|---|--- 2026-01-23 20:24:48+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3md4jtgybgf2a 2026-01-23 20:25:15+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3md4juaj7t724 2026-01-23 23:36:15+00:00| seen|...

7.5CVSS5AI score0.00401EPSS
Exploits1References3
NVD
NVD
added 2026/01/23 3:16 p.m.7 views

CVE-2026-24596

Cross-Site Request Forgery CSRF vulnerability in marynixie Related Posts Thumbnails Plugin for WordPress related-posts-thumbnails allows Cross Site Request Forgery.This issue affects Related Posts Thumbnails Plugin for WordPress: from n/a through = 4.3.2...

4.3CVSS0.00133EPSS
Exploits0References1
NVD
NVD
added 2026/01/23 3:16 p.m.7 views

CVE-2026-24587

Missing Authorization vulnerability in kutsy AJAX Hits Counter + Popular Posts Widget ajax-hits-counter allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AJAX Hits Counter + Popular Posts Widget: from n/a through = 0.10.210305...

5.4CVSS0.00265EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/01/23 2:29 p.m.3 views

CVE-2026-24596 WordPress Related Posts Thumbnails plugin for WordPress plugin <= 4.3.2 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in marynixie Related Posts Thumbnails Plugin for WordPress related-posts-thumbnails allows Cross Site Request Forgery.This issue affects Related Posts Thumbnails Plugin for WordPress: from n/a through = 4.3.2...

4.3CVSS5.8AI score0.00133EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/01/23 2:29 p.m.37 views

CVE-2026-24596 WordPress Related Posts Thumbnails plugin for WordPress plugin <= 4.3.2 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in marynixie Related Posts Thumbnails Plugin for WordPress related-posts-thumbnails allows Cross Site Request Forgery.This issue affects Related Posts Thumbnails Plugin for WordPress: from n/a through = 4.3.2...

4.3CVSS0.00133EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/01/23 2:29 p.m.6 views

CVE-2026-24596

Cross-Site Request Forgery CSRF vulnerability in marynixie Related Posts Thumbnails Plugin for WordPress related-posts-thumbnails allows Cross Site Request Forgery.This issue affects Related Posts Thumbnails Plugin for WordPress: from n/a through = 4.3.1...

4.7CVSS5.9AI score0.00133EPSS
Exploits0References2
CVE
CVE
added 2026/01/23 2:29 p.m.27 views

CVE-2026-24596

CVE-2026-24596 is a CSRF vulnerability in the WordPress plugin Related Posts Thumbnails (versions up to 4.3.1). The issue allows Cross-Site Request Forgery, affecting the Related Posts Thumbnails Plugin for WordPress from an unspecified early version to 4.3.1. The CVE entry provides a CVSS v3.1 b...

4.3CVSS5.9AI score0.00133EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/01/23 2:29 p.m.3 views

CVE-2026-24587

Missing Authorization vulnerability in kutsy AJAX Hits Counter + Popular Posts Widget ajax-hits-counter allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AJAX Hits Counter + Popular Posts Widget: from n/a through = 0.10.210305...

5.4CVSS5.9AI score0.00265EPSS
Exploits0References2
Rows per page
Query Builder