Lucene search
K

6276 matches found

EUVD
EUVD
added 2025/12/31 5:30 a.m.5 views

EUVD-2025-205880

Cross-Site Request Forgery CSRF vulnerability in Mindstien Technologies Recent Posts From Each Category allows Stored XSS.This issue affects Recent Posts From Each Category: from n/a through 1.4...

7.1CVSS6.1AI score0.00096EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/12/31 5:30 a.m.30 views

CVE-2025-49354 WordPress Recent Posts From Each Category plugin <= 1.4 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Mindstien Technologies Recent Posts From Each Category recent-posts-from-each-category allows Stored XSS.This issue affects Recent Posts From Each Category: from n/a through = 1.4...

7.1CVSS0.00096EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/12/31 12:0 a.m.6 views

WordPress Gosign - Posts Slider Block plugin <= 1.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

WordPress Gosign - Posts Slider Block plugin = 1.1.0 - Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Nishiv - Developer in WordPress Plugin Gosign – Posts Slider Block versions = 1.1.0...

6.4CVSS5.4AI score0.00284EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2025/12/31 12:0 a.m.7 views

PT-2025-54283

The Ultimate Post Kit Addons for Elementor WordPress plugin before 4.0.16 exposes multiple AJAX “load more” endpoints such as upk alex grid loadmore posts without ensuring that posts to be displayed are published authentication. This allows an unauthenticated attacker to query arbitrary posts and...

6.9AI score0.00245EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/12/31 12:0 a.m.6 views

WordPress plugin Recent Posts From Each Category 跨站请求伪造漏洞

...

7.1CVSS6.8AI score0.00096EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/12/31 12:0 a.m.7 views

PT-2025-54280

Name of the Vulnerable Software and Affected Versions Mindstien Technologies Recent Posts From Each Category versions 1.4 and earlier Description The Recent Posts From Each Category plugin contains a Cross-Site Request Forgery CSRF issue and a Stored Cross-Site Scripting XSS issue. The CSRF flaw...

7.1CVSS4.9AI score0.00096EPSS
Exploits0References6
CNNVD
CNNVD
added 2025/12/31 12:0 a.m.3 views

WordPress plugin Ultimate Post Kit Addons for Elementor 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. A security...

5.3CVSS6.3AI score0.00245EPSS
Exploits0References1
Circl
Circl
added 2025/12/30 5:25 p.m.6 views

CVE-2025-52835

creationtimestamp| type| source ---|---|--- 2025-12-30 17:25:47+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mb7un7yfnw2g 2025-12-30 17:53:07+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mb7w635nvt2y 2025-12-30 18:24:17+00:00| seen|...

9.6CVSS4.8AI score0.00171EPSS
Exploits0References4
Circl
Circl
added 2025/12/30 5:25 p.m.5 views

CVE-2025-68926

creationtimestamp| type| source ---|---|--- 2025-12-30 17:25:39+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mb7umyfdfo2e 2025-12-30 17:43:01+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mb7vm3m56s2c 2026-01-02 04:45:49+00:00| seen|...

9.8CVSS4.8AI score0.2903EPSS
Exploits3References10
EUVD
EUVD
added 2025/12/30 12:30 p.m.5 views

EUVD-2025-205740

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in WebCodingPlace Responsive Posts Carousel Pro responsive-posts-carousel-pro allows PHP Local File Inclusion.This issue affects Responsive Posts Carousel Pro: from n/a through = 15...

7.5CVSS6.6AI score0.00378EPSS
Exploits0References2
NVD
NVD
added 2025/12/30 11:15 a.m.4 views

CVE-2025-68996

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in WebCodingPlace Responsive Posts Carousel Pro responsive-posts-carousel-pro allows PHP Local File Inclusion.This issue affects Responsive Posts Carousel Pro: from n/a through = 15...

7.5CVSS0.00378EPSS
Exploits0References1
CVE
CVE
added 2025/12/30 10:47 a.m.11 views

CVE-2025-68996

CVE-2025-68996 corresponds to an authenticated Local File Inclusion in the WordPress plugin Responsive Posts Carousel Pro (

7.5CVSS6.7AI score0.00378EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/30 10:47 a.m.29 views

CVE-2025-68996 WordPress Responsive Posts Carousel Pro plugin <= 15.1 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in WebCodingPlace Responsive Posts Carousel Pro responsive-posts-carousel-pro allows PHP Local File Inclusion.This issue affects Responsive Posts Carousel Pro: from n/a through = 15...

7.5CVSS0.00378EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/30 10:47 a.m.3 views

CVE-2025-68996 WordPress Responsive Posts Carousel Pro plugin <= 15.1 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in WebCodingPlace Responsive Posts Carousel Pro responsive-posts-carousel-pro allows PHP Local File Inclusion.This issue affects Responsive Posts Carousel Pro: from n/a through = 15...

7.5CVSS6.7AI score0.00378EPSS
Exploits0References1
Circl
Circl
added 2025/12/30 10:28 a.m.6 views

CVE-2025-15359

creationtimestamp| type| source ---|---|--- 2025-12-30 10:28:41+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mb75dgs3b42x 2025-12-30 11:00:24+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mb7744vb4q2p 2026-01-05 17:01:58+00:00| published-proof-of-concept|...

9.8CVSS5.1AI score0.00288EPSS
Exploits0References2
Circl
Circl
added 2025/12/30 9:48 a.m.7 views

CVE-2025-15358

creationtimestamp| type| source ---|---|--- 2025-12-30 09:48:10+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mb732xj5dg2e 2025-12-30 10:45:49+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mb76c2pieq2q 2026-01-06 22:03:31+00:00| seen|...

7.5CVSS5.1AI score0.00277EPSS
Exploits0References2
Circl
Circl
added 2025/12/30 2:0 a.m.5 views

CVE-2025-69217

creationtimestamp| type| source ---|---|--- 2025-12-30 02:00:03+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mb6avuujoy2u 2025-12-30 03:06:19+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mb6emfrjnn2y 2025-12-30 12:40:31+00:00| seen|...

7.7CVSS4.9AI score0.00363EPSS
Exploits0References5
Patchstack
Patchstack
added 2025/12/30 1:49 a.m.7 views

WordPress Carousel Horizontal Posts Content Slider plugin <= 3.3.2 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin Carousel Horizontal Posts Content Slider versions = 3.3.2...

6.5CVSS6.1AI score0.00161EPSS
Exploits0Affected Software1
CNVD
CNVD
added 2025/12/30 12:0 a.m.5 views

WordPress User Submitted Posts plugin open to redirection vulnerability

WordPress User Submitted Posts plugin is a WordPress plugin that allows website visitors to submit post content via a front-end form that includes features such as title, tags, categories, author information, URL, body text and image uploads. WordPress User Submitted Posts plugin suffers from an...

6.1CVSS6.8AI score0.00475EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/12/30 12:0 a.m.10 views

WordPress plugin Responsive Posts Carousel Pro 安全漏洞

...

7.5CVSS5.8AI score0.00378EPSS
Exploits0References1
Rows per page
Query Builder