Lucene search
K

6276 matches found

RedhatCVE
RedhatCVE
added 2025/12/24 12:32 p.m.5 views

CVE-2025-68548

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WebCodingPlace Responsive Posts Carousel Pro responsive-posts-carousel-pro allows Stored XSS.This issue affects Responsive Posts Carousel Pro: from n/a through = 15.2...

6.5CVSS5.9AI score0.00133EPSS
Exploits0References1
CVE
CVE
added 2025/12/24 12:31 p.m.12 views

CVE-2025-68509

CVE-2025-68509 affects the WordPress plugin User Submitted Posts . The reported issue is an unauthenticated Open Redirect flaw caused by insufficient validation of the redirect-override parameter, allowing attackers to redirect users to untrusted sites and facilitate phishing. Affected versions a...

4.7CVSS6.5AI score0.00475EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/24 12:31 p.m.23 views

CVE-2025-68509 WordPress User Submitted Posts plugin <= 20251121 - Open Redirection vulnerability

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in Jeff Starr User Submitted Posts user-submitted-posts allows Phishing.This issue affects User Submitted Posts: from n/a through = 20251121...

4.7CVSS0.00475EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/24 12:31 p.m.3 views

CVE-2025-68509 WordPress User Submitted Posts plugin <= 20251121 - Open Redirection vulnerability

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in Jeff Starr User Submitted Posts user-submitted-posts allows Phishing.This issue affects User Submitted Posts: from n/a through = 20251121...

4.7CVSS6.5AI score0.00475EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/24 9:39 a.m.12 views

CVE-2025-14163

The Premium Addons for Elementor plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.11.53. This is due to missing nonce validation in the 'insertinnertemplate' function. This makes it possible for unauthenticated attackers to create arbitrary...

4.3CVSS5.3AI score0.00133EPSS
Exploits0References1
OSV
OSV
added 2025/12/24 8:15 a.m.6 views

CVE-2025-13767

Mattermost versions 11.1.x = 11.1.0, 11.0.x = 11.0.5, 10.12.x = 10.12.3, 10.11.x = 10.11.7 fails to validate user channel membership when attaching Mattermost posts as comments to Jira issues, which allows an authenticated attacker with access to the Jira plugin to read post content and attachmen...

4.3CVSS6.5AI score
Exploits0References1
Cvelist
Cvelist
added 2025/12/24 8:1 a.m.30 views

CVE-2025-13767 Unauthorized Read Access to Private Channel Posts via Mattermost Jira Plugin

Mattermost versions 11.1.x = 11.1.0, 11.0.x = 11.0.5, 10.12.x = 10.12.3, 10.11.x = 10.11.7 fails to validate user channel membership when attaching Mattermost posts as comments to Jira issues, which allows an authenticated attacker with access to the Jira plugin to read post content and attachmen...

4.3CVSS0.00165EPSS
Exploits0References1
CVE
CVE
added 2025/12/24 8:1 a.m.15 views

CVE-2025-13767

Mattermost Jira plugin vulnerability (CVE-2025-13767): versions 11.1.x &lt;= 11.1.0, 11.0.x &lt;= 11.0.5, 10.12.x &lt;= 10.12.3, 10.11.x

4.3CVSS6.2AI score0.00165EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/12/24 8:1 a.m.5 views

CVE-2025-13767 Unauthorized Read Access to Private Channel Posts via Mattermost Jira Plugin

Mattermost versions 11.1.x = 11.1.0, 11.0.x = 11.0.5, 10.12.x = 10.12.3, 10.11.x = 10.11.7 fails to validate user channel membership when attaching Mattermost posts as comments to Jira issues, which allows an authenticated attacker with access to the Jira plugin to read post content and attachmen...

4.3CVSS6.2AI score0.00165EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/12/24 12:0 a.m.5 views

WordPress plugin User Submitted Posts 安全漏洞

WordPress User Submitted Posts plugin is a WordPress plugin that allows website visitors to submit post content via a front-end form that includes features such as title, tags, categories, author information, URL, body text and image uploads. WordPress User Submitted Posts plugin suffers from an...

4.7CVSS6.7AI score0.00475EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/12/24 12:0 a.m.5 views

PT-2025-53081

Name of the Vulnerable Software and Affected Versions Jeff Starr User Submitted Posts versions prior to and including 20251121 Description The software contains an Open Redirect issue, allowing for potential phishing attacks. This occurs due to a redirection to an untrusted site. Recommendations...

6.1CVSS6.6AI score0.00475EPSS
Exploits0References5
Circl
Circl
added 2025/12/23 10:26 p.m.6 views

CVE-2025-15047

creationtimestamp| type| source ---|---|--- 2025-12-23 22:26:31+00:00| seen| https://infosec.exchange/users/cR0w/statuses/115771230864366071 2025-12-23 22:50:10+00:00| seen| https://infosec.exchange/users/vuldb/statuses/115771323829528233 2025-12-24 01:44:31+00:00| seen|...

10CVSS9.5AI score0.01096EPSS
Exploits1References6
Circl
Circl
added 2025/12/23 8:48 p.m.7 views

CVE-2021-47736

creationtimestamp| type| source ---|---|--- 2025-12-23 20:48:07+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3maomolmw2w2a 2025-12-23 21:26:33+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3maootcyyq42c...

8.6CVSS5.8AI score0.00926EPSS
Exploits1References2
Circl
Circl
added 2025/12/23 4:25 p.m.5 views

CVE-2025-67108

creationtimestamp| type| source ---|---|--- 2025-12-23 16:25:23+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mao5yri6wl2v 2025-12-23 16:25:47+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mao5zjewja27 2025-12-23 16:26:22+00:00| seen|...

10CVSS4.8AI score0.00299EPSS
Exploits0References5
Circl
Circl
added 2025/12/23 4:25 p.m.8 views

CVE-2025-67109

creationtimestamp| type| source ---|---|--- 2025-12-23 16:25:15+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mao5ykazuv2p 2025-12-23 16:25:39+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mao5zbor2f2f 2025-12-23 16:26:12+00:00| seen|...

10CVSS5.8AI score0.003EPSS
Exploits0References4
NVD
NVD
added 2025/12/23 12:15 p.m.6 views

CVE-2025-68548

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WebCodingPlace Responsive Posts Carousel Pro responsive-posts-carousel-pro allows Stored XSS.This issue affects Responsive Posts Carousel Pro: from n/a through = 15.2...

6.5CVSS0.00133EPSS
Exploits0References1
CVE
CVE
added 2025/12/23 11:50 a.m.9 views

CVE-2025-68548

Mode C: The connected Wordfence entry documents an authenticated (Contributor+) Local File Inclusion vulnerability in Responsive Posts Carousel Pro (WordPress plugin) up to version 15.2, CVE-2025-68996, with Patch Status Patched. Updated versions from 15.2+ remediate the issue; CVSS 7.5 (High) in...

6.5CVSS5.9AI score0.00133EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/23 11:50 a.m.3 views

CVE-2025-68548 WordPress Responsive Posts Carousel Pro plugin <= 15.2 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WebCodingPlace Responsive Posts Carousel Pro responsive-posts-carousel-pro allows Stored XSS.This issue affects Responsive Posts Carousel Pro: from n/a through = 15.2...

6.5CVSS5.2AI score0.00133EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/23 11:50 a.m.7 views

EUVD-2025-204786

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WebCodingPlace Responsive Posts Carousel Pro allows Stored XSS.This issue affects Responsive Posts Carousel Pro: from n/a through 15.2...

6.5CVSS5.5AI score0.00133EPSS
Exploits0References2
Patchstack
Patchstack
added 2025/12/23 11:49 a.m.5 views

WordPress Responsive Posts Carousel Pro plugin <= 15.2 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin Responsive Posts Carousel Pro versions = 15.2...

6.5CVSS5.9AI score0.00133EPSS
Exploits0Affected Software1
Rows per page
Query Builder