6276 matches found
CVE-2025-68548
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WebCodingPlace Responsive Posts Carousel Pro responsive-posts-carousel-pro allows Stored XSS. This issue affects Responsive Posts Carousel Pro: from n/a through <= 15.2...
CVE-2025-68509
CVE-2025-68509 affects the WordPress plugin User Submitted Posts. The reported issue is an unauthenticated Open Redirect flaw caused by insufficient validation of the redirect-override parameter, allowing attackers to redirect users to untrusted sites and facilitate phishing. Affected versions a...
CVE-2025-68509 WordPress User Submitted Posts plugin <= 20251121 - Open Redirection vulnerability
URL Redirection to Untrusted Site 'Open Redirect' vulnerability in Jeff Starr User Submitted Posts user-submitted-posts allows Phishing. This issue affects User Submitted Posts: from n/a through <= 20251121...
CVE-2025-14163
The Premium Addons for Elementor plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.11.53. This is due to missing nonce validation in the 'insertinnertemplate' function. This makes it possible for unauthenticated attackers to create arbitrary...
CVE-2025-13767
Mattermost versions 11.1.x <= 11.1.0, 11.0.x <= 11.0.5, 10.12.x <= 10.12.3, 10.11.x <= 10.11.7 fails to validate user channel membership when attaching Mattermost posts as comments to Jira issues, which allows an authenticated attacker with access to the Jira plugin to read post content and attachmen...
CVE-2025-13767 Unauthorized Read Access to Private Channel Posts via Mattermost Jira Plugin
Mattermost versions 11.1.x <= 11.1.0, 11.0.x <= 11.0.5, 10.12.x <= 10.12.3, 10.11.x <= 10.11.7 fails to validate user channel membership when attaching Mattermost posts as comments to Jira issues, which allows an authenticated attacker with access to the Jira plugin to read post content and attachmen...
CVE-2025-13767
Mattermost Jira plugin vulnerability (CVE-2025-13767): versions 11.1.x <= 11.1.0, 11.0.x <= 11.0.5, 10.12.x <= 10.12.3, 10.11.x
WordPress plugin User Submitted Posts security vulnerability
WordPress User Submitted Posts plugin is a WordPress plugin that allows website visitors to submit post content via a front-end form that includes features such as title, tags, categories, author information, URL, body text and image uploads. WordPress User Submitted Posts plugin suffers from an...
PT-2025-53081
Name of the Vulnerable Software and Affected Versions Jeff Starr User Submitted Posts versions prior to and including 20251121 Description The software contains an Open Redirect issue, allowing for potential phishing attacks. This occurs due to a redirection to an untrusted site. Recommendations...
CVE-2025-15047
creationtimestamp| type| source
---|---|---
2025-12-23 22:26:31+00:00| seen| https://infosec.exchange/users/cR0w/statuses/115771230864366071
2025-12-23 22:50:10+00:00| seen| https://infosec.exchange/users/vuldb/statuses/115771323829528233
2025-12-24 01:44:31+00:00| seen|...
CVE-2021-47736
creationtimestamp| type| source
---|---|---
2025-12-23 20:48:07+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3maomolmw2w2a
2025-12-23 21:26:33+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3maootcyyq42c...
CVE-2025-67108
creationtimestamp| type| source
---|---|---
2025-12-23 16:25:23+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mao5yri6wl2v
2025-12-23 16:25:47+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mao5zjewja27
2025-12-23 16:26:22+00:00| seen|...
CVE-2025-67109
creationtimestamp| type| source
---|---|---
2025-12-23 16:25:15+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mao5ykazuv2p
2025-12-23 16:25:39+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mao5zbor2f2f
2025-12-23 16:26:12+00:00| seen|...
CVE-2025-68548
The connected Wordfence entry documents an authenticated (Contributor+) Local File Inclusion vulnerability in Responsive Posts Carousel Pro (WordPress plugin) up to version 15.2, CVE-2025-68996, with Patch Status Patched. Updated versions from 15.2+ remediate the issue; CVSS 7.5 (High) in...
CVE-2025-68548 WordPress Responsive Posts Carousel Pro plugin <= 15.2 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WebCodingPlace Responsive Posts Carousel Pro responsive-posts-carousel-pro allows Stored XSS. This issue affects Responsive Posts Carousel Pro: from n/a through <= 15.2...
EUVD-2025-204786
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WebCodingPlace Responsive Posts Carousel Pro allows Stored XSS. This issue affects Responsive Posts Carousel Pro: from n/a through 15.2...
WordPress Responsive Posts Carousel Pro plugin <= 15.2 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting (XSS) vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin Responsive Posts Carousel Pro versions <= 15.2...