Lucene search
K

6279 matches found

Vulnrichment
Vulnrichment
added 2025/01/18 6:0 a.m.9 views

CVE-2024-9020 List category posts < 0.90.3 - Author+ Stored XSS

The List category posts WordPress plugin before 0.90.3 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

5.4AI score0.00313EPSS
Exploits1References1
Circl
Circl
added 2025/01/18 12:57 a.m.26 views

CVE-2025-23209

creationtimestamp| type| source ---|---|--- 2025-01-18 00:57:13+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/2270 2025-01-18 01:15:48+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lfy54asrpp2f 2025-01-18 01:48:56+00:00| seen|...

8.1CVSS7.5AI score0.04714EPSS
Exploits1References43
Positive Technologies
Positive Technologies
added 2025/01/18 12:0 a.m.4 views

PT-2025-3706 · WordPress · List Category Posts

Name of the Vulnerable Software and Affected Versions: List category posts WordPress plugin versions prior to 0.90.3 Description: The issue concerns the List category posts WordPress plugin, where versions prior to 0.90.3 do not validate and escape some of its shortcode attributes before outputti...

5.4CVSS8.3AI score0.00313EPSS
Exploits1References9
CNNVD
CNNVD
added 2025/01/18 12:0 a.m.4 views

WordPress plugin Evergreen Content Poster 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A security vulnerability...

5.3CVSS8.1AI score0.00432EPSS
Exploits0References5
Circl
Circl
added 2025/01/17 6:41 p.m.7 views

CVE-2025-0534

creationtimestamp| type| source ---|---|--- 2025-01-17 18:41:07+00:00| seen| https://infosec.exchange/users/cve/statuses/113845158942867513 2025-01-17 18:57:01+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/2189 2025-01-17 19:15:52+00:00| seen|...

9.8CVSS7.1AI score0.00607EPSS
Exploits1References5
Circl
Circl
added 2025/01/17 4:45 p.m.2 views

CERTFR-2025-ACT-002

creationtimestamp| type| source ---|---|--- 2025-01-17 16:45:05+00:00| seen| https://bsky.app/profile/infosecfr.skyfleet.blue/post/3lfxakzi2ev2w 2025-01-20 13:10:41+00:00| seen| https://bsky.app/profile/ag6218ent.bsky.social/post/3lg6fyfd7ww2y...

7.2AI score
Exploits0References2
Circl
Circl
added 2025/01/17 1:35 p.m.7 views

CVE-2024-37601

creationtimestamp| type| source ---|---|--- 2025-01-17 13:35:06+00:00| seen| https://poliverso.org/objects/0477a01e-45ff02b8-52616ac586aa8672 2025-01-20 18:30:05+00:00| seen| https://t.me/truesecator/6638 2025-02-13 23:15:47+00:00| seen|...

4.6CVSS7.1AI score0.0033EPSS
Exploits0References10
Circl
Circl
added 2025/01/17 3:5 a.m.7 views

CVE-2024-52281

creationtimestamp| type| source ---|---|--- 2025-01-17 03:05:34+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3lfvsrmnemd2z 2025-01-17 04:00:36+00:00| seen| https://bsky.app/profile/dinosn.bsky.social/post/3lfvvtwzne22g 2025-01-17 04:19:42+00:00| seen|...

8.9CVSS7.1AI score0.00476EPSS
Exploits0References7
Circl
Circl
added 2025/01/17 2:28 a.m.6 views

CVE-2024-51462

creationtimestamp| type| source ---|---|--- 2025-01-17 02:28:36+00:00| seen| https://infosec.exchange/users/cve/statuses/113841334923797565 2025-01-17 02:56:08+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/2092 2025-01-17 03:15:46+00:00| seen|...

5.3CVSS5.7AI score0.00357EPSS
Exploits0References5
Circl
Circl
added 2025/01/16 9:21 p.m.6 views

CVE-2025-23955

creationtimestamp| type| source ---|---|--- 2025-01-16 21:21:09+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lfv7jqboco2e 2025-01-16 21:49:27+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lfvb47epkl2b 2025-01-16 22:56:01+00:00| seen|...

4.3CVSS7.3AI score0.00245EPSS
Exploits0References4
NVD
NVD
added 2025/01/16 9:15 p.m.12 views

CVE-2025-23963

Missing Authorization vulnerability in flymke Mark Posts mark-posts allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Mark Posts: from n/a through = 2.2.4...

5.4CVSS0.00305EPSS
Exploits0References1
NVD
NVD
added 2025/01/16 9:15 p.m.6 views

CVE-2025-23764

Missing Authorization vulnerability in ujjavaljani Copy Move Posts copy-move-posts.This issue affects Copy Move Posts: from n/a through = 1.6...

5.3CVSS0.00439EPSS
Exploits0References1
NVD
NVD
added 2025/01/16 8:15 p.m.6 views

CVE-2025-23476

Cross-Site Request Forgery CSRF vulnerability in isnowfy my-related-posts my-related-posts allows Stored XSS.This issue affects my-related-posts: from n/a through = 1.1...

7.1CVSS0.00197EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/01/16 8:8 p.m.18 views

CVE-2025-23764 WordPress Copy Move Posts plugin <= 1.6 - Broken Access Control vulnerability

Missing Authorization vulnerability in ujjavaljani Copy Move Posts copy-move-posts.This issue affects Copy Move Posts: from n/a through = 1.6...

5.3CVSS0.00439EPSS
Exploits0References1
CVE
CVE
added 2025/01/16 8:5 p.m.46 views

CVE-2025-23476

CVE-2025-23476 is a CSRF to Stored XSS vulnerability in the WordPress plugin my-related-posts (up to version 1.1). The CVSS 3.1 base score is 7.1 (High) with network attack vector, low attack complexity, and user interaction required. Affected software is the my-related-posts plugin for WordPress...

7.1CVSS7.2AI score0.00197EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/01/16 8:5 p.m.17 views

CVE-2025-23476 WordPress my-related-posts plugin <= 1.1 - CSRF to Stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in isnowfy my-related-posts my-related-posts allows Stored XSS.This issue affects my-related-posts: from n/a through = 1.1...

7.1CVSS0.00197EPSS
Exploits0References1
Circl
Circl
added 2025/01/16 6:56 p.m.7 views

CVE-2024-57684

creationtimestamp| type| source ---|---|--- 2025-01-16 18:56:13+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/2004 2025-01-16 19:16:16+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lfuykgbpga2b 2025-01-16 19:24:57+00:00| seen|...

9.8CVSS7.3AI score0.1436EPSS
Exploits0References16
Patchstack
Patchstack
added 2025/01/16 6:43 p.m.6 views

WordPress Mark Posts plugin <= 2.2.4 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin Mark Posts versions = 2.2.4...

5.4CVSS7AI score0.00305EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/01/16 6:42 p.m.7 views

WordPress Delete All Posts plugin <= 1.1.1 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Mika in WordPress Plugin Delete All Posts versions = 1.1.1...

6.5CVSS7AI score0.00308EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/01/16 6:42 p.m.3 views

WordPress Copy Move Posts plugin <= 1.6 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Mika in WordPress Plugin Copy Move Posts versions = 1.6...

5.3CVSS7AI score0.00439EPSS
Exploits0Affected Software1
Rows per page
Query Builder