Lucene search
K

6279 matches found

CVE
CVE
added 2025/12/11 3:27 a.m.26 views

CVE-2025-10163

Summary: WordPress plugin List category posts (versions

6.5CVSS6.2AI score0.00286EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/12/11 3:27 a.m.7 views

CVE-2025-10163 List Category Posts <= 0.91.0 - Authenticated (Contributor+) SQL Injection via Plugin's Shortcode

The List category posts plugin for WordPress is vulnerable to time-based SQL Injection via the ‘startingwith’ parameter of the catlist shortcode in all versions up to, and including, 0.91.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the...

6.5CVSS6.2AI score0.00286EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/12/11 3:27 a.m.32 views

CVE-2025-10163 List Category Posts <= 0.91.0 - Authenticated (Contributor+) SQL Injection via Plugin's Shortcode

The List category posts plugin for WordPress is vulnerable to time-based SQL Injection via the ‘startingwith’ parameter of the catlist shortcode in all versions up to, and including, 0.91.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the...

6.5CVSS0.00286EPSS
Exploits0References2
Patchstack
Patchstack
added 2025/12/11 12:41 a.m.5 views

WordPress List Category Posts plugin <= 0.91.0 - Authenticated (Contributor+) SQL Injection via Plugin's Shortcode vulnerability

Authenticated Contributor+ SQL Injection via Plugin's Shortcode vulnerability discovered by Khanh Nguyen - BlueRock - BlueRock in WordPress Plugin List category posts versions = 0.91.0...

6.5CVSS7.8AI score0.00286EPSS
Exploits0References1Affected Software1
Circl
Circl
added 2025/12/11 12:30 a.m.3 views

CVE-2025-11412

creationtimestamp| type| source ---|---|--- 2025-12-11 00:30:27+00:00| seen| https://bsky.app/profile/bluesky.awakari.com/post/3m7od2756u523 2025-12-11 00:30:37+00:00| seen| https://bsky.app/profile/bluesky.awakari.com/post/3m7od2j6xti2p 2025-12-11 06:48:37+00:00| seen|...

5.5CVSS6.1AI score0.00184EPSS
Exploits1References4
Circl
Circl
added 2025/12/11 12:30 a.m.5 views

CVE-2025-11414

creationtimestamp| type| source ---|---|--- 2025-12-11 00:30:27+00:00| seen| https://bsky.app/profile/bluesky.awakari.com/post/3m7od2756u523 2025-12-11 00:30:37+00:00| seen| https://bsky.app/profile/bluesky.awakari.com/post/3m7od2j6xti2p 2025-12-11 06:48:37+00:00| seen|...

5.5CVSS6.1AI score0.00184EPSS
Exploits1References4
Circl
Circl
added 2025/12/11 12:2 a.m.4 views

CVE-2025-67510

creationtimestamp| type| source ---|---|--- 2025-12-11 00:02:58+00:00| seen| https://infosec.exchange/users/offseq/statuses/115697999974272387 2025-12-11 00:02:59+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3m7obj33kme2n 2025-12-11 01:10:24+00:00| seen|...

9.4CVSS5.8AI score0.00348EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/12/11 12:0 a.m.3 views

WordPress plugin List category posts SQL注入漏洞

WordPress List category posts is a feature-rich WordPress plugin , mainly through the catlist short code to achieve the function . WordPress List category posts has a SQL injection vulnerability, the vulnerability stems from the existence of the startingwith parameter time-based SQL injection, an...

6.5CVSS8AI score0.00286EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/12/11 12:0 a.m.8 views

PT-2025-50649

An improper neutralization of input vulnerability was identified in GitHub Enterprise Server that allowed user-supplied HTML to inject DOM elements with IDs that collided with server-initialized data islands. These collisions could overwrite or shadow critical application state objects used by...

8.6CVSS6.5AI score0.0032EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2025/12/10 3:13 p.m.4 views

CVE-2025-49351

Cross-Site Request Forgery CSRF vulnerability in Valentin Agachi Create Posts & Terms create-posts-terms allows Stored XSS.This issue affects Create Posts & Terms: from n/a through = 1.3.1...

7.1CVSS6.6AI score0.00121EPSS
Exploits0References1
Circl
Circl
added 2025/12/10 7:10 a.m.3 views

CVE-2025-13339

creationtimestamp| type| source ---|---|--- 2025-12-10 07:10:32+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3m7miwp5sjw2y 2025-12-10 07:45:41+00:00| seen| https://gist.github.com/Darkcrai86/54a35bd8d99ef7098f2e2b7b8465278c 2025-12-10 08:07:48+00:00| seen|...

7.5CVSS5.3AI score0.02056EPSS
Exploits0References4
Circl
Circl
added 2025/12/10 4:34 a.m.6 views

CVE-2025-9056

creationtimestamp| type| source ---|---|--- 2025-12-10 04:34:40+00:00| seen| https://infosec.exchange/users/offseq/statuses/115693406042917432 2025-12-10 04:34:42+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3m7ma7ytwwo2m 2025-12-10 04:55:26+00:00| seen|...

5.3CVSS5.7AI score0.00181EPSS
Exploits0References4
EUVD
EUVD
added 2025/12/09 6:30 p.m.5 views

EUVD-2025-202041

Cross-Site Request Forgery CSRF vulnerability in Valentin Agachi Create Posts & Terms create-posts-terms allows Stored XSS.This issue affects Create Posts & Terms: from n/a through = 1.3.1...

6.1AI score0.00121EPSS
Exploits0References2
NVD
NVD
added 2025/12/09 4:17 p.m.5 views

CVE-2025-49351

Cross-Site Request Forgery CSRF vulnerability in Valentin Agachi Create Posts & Terms create-posts-terms allows Stored XSS.This issue affects Create Posts & Terms: from n/a through = 1.3.1...

7.1CVSS0.00121EPSS
Exploits0References1
CVE
CVE
added 2025/12/09 2:52 p.m.8 views

CVE-2025-49351

CVE-2025-49351 is a CSRF vulnerability in the WordPress plugin Create Posts & Terms (plugin slug: create-posts-terms), affecting versions up to and including 1.3.1. The connected documents specify that the flaw allows Cross-Site Request Forgery which can lead to Stored XSS. Root cause and exact v...

7.1CVSS5.2AI score0.00121EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2025/12/09 2:52 p.m.3 views

CVE-2025-49351

Cross-Site Request Forgery CSRF vulnerability in Valentin Agachi Create Posts & Terms create-posts-terms allows Stored XSS.This issue affects Create Posts & Terms: from n/a through = 1.3.1...

7.1CVSS5.1AI score0.00121EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/12/09 2:52 p.m.2 views

CVE-2025-49351 WordPress Create Posts & Terms plugin <= 1.3.1 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Valentin Agachi Create Posts & Terms create-posts-terms allows Stored XSS.This issue affects Create Posts & Terms: from n/a through = 1.3.1...

7.1CVSS6.3AI score0.00121EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/09 2:52 p.m.20 views

CVE-2025-49351 WordPress Create Posts & Terms plugin <= 1.3.1 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Valentin Agachi Create Posts & Terms create-posts-terms allows Stored XSS.This issue affects Create Posts & Terms: from n/a through = 1.3.1...

7.1CVSS0.00121EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/12/09 12:0 a.m.4 views

WordPress plugin Create Posts Terms 跨站请求伪造漏洞

...

7.1CVSS5.8AI score0.00121EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/12/09 12:0 a.m.6 views

PT-2025-49986

Cross-Site Request Forgery CSRF vulnerability in Valentin Agachi Create Posts & Terms create-posts-terms allows Stored XSS.This issue affects Create Posts & Terms: from n/a through = 1.3.1...

6.6AI score0.00121EPSS
Exploits0References2
Rows per page
Query Builder