2838 matches found

Nuclei
added yesterday, 19 views

Rating by BestWebSoft < 0.2 - Cross-Site Scripting

The rating-bws plugin before 0.2 for WordPress has multiple XSS issues. id: CVE-2017-18530 info: name: Rating by BestWebSoft 0.2 - Cross-Site Scripting author: luisfelipe146 severity: medium description: | The rating-bws plugin before 0.2 for WordPress has multiple XSS issues. impact: |...

CVSS 6.1, AI score 6.4, EPSS 0.01384
Exploits 1, References 4
NVD
added 3 days ago, 10 views

CVE-2026-12560

The Editorial Rating – Product Review & Rating System plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'Link URL' Field in all versions up to, and including, 4.0.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers,...

CVSS 4.4, EPSS 0.0024
Exploits 0, References 9
CVE
added 3 days ago, 11 views

CVE-2026-12560

The Editorial Rating – Product Review & Rating System plugin for WordPress (versions up to 4.0.5) is vulnerable to Stored Cross-Site Scripting via the Link URL field due to insufficient input sanitization and output escaping. Authenticated attackers with administrator-level access can store a pay...

CVSS 4.4, AI score 5.9, EPSS 0.0024
Exploits 0, References 9
EUVD
added 3 days ago, 4 views

EUVD-2026-40251

The Editorial Rating – Product Review & Rating System plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'Link URL' Field in all versions up to, and including, 4.0.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers,...

CVSS 4.4, AI score 5.9, EPSS 0.0024
Exploits 0, References 9
OPENSUSE Linux
added 3 days ago, 3 views

Security update for distribution (important)

openSUSE security update: security update for distribution. Announcement ID: openSUSE-SU-2026:21084-1 Rating: important References: bsc1265429 bsc1265788 bsc1266049 bsc1266629 Cross-References: CVE-2026-33814 CVE-2026-39821 CVE-2026-398...

CVSS 9.1, AI score 6.7, EPSS 0.00781
Exploits 1, References 4
Patchstack
added 4 days ago, 5 views

WordPress Editorial Rating – Product Review & Rating System plugin <= 4.0.5 - Authenticated (Administrator+) Stored Cross-Site Scripting vulnerability

Authenticated Administrator+ Stored Cross-Site Scripting vulnerability discovered by Supoj Polsawas sp0x5ec in WordPress Plugin Editorial Rating – Product Review & Rating System versions <= 4.0.5...

CVSS 4.4, AI score 5.8, EPSS 0.0024
Exploits 0, References 1, Affected Software 1
Rockylinux
added 2026/06/25 12:3 p.m., 5 views

kernel security, bug fix, and enhancement update

An update is available for kernel. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel packages contain the Linux kernel, the core of any Linux operating...

CVSS 9.8, AI score 6.8, EPSS 0.004
Exploits 9
CVE
added 2026/06/24 5:33 a.m., 10 views

CVE-2026-9619

CVE-2026-9619 affects the Reviews and Rating – Docplanner WordPress plugin, vulnerable in all versions up to 1.1.4 due to insufficient authorization checks for an action (sync_reviews AJAX). This allows authenticated users with subscriber-level access and above to trigger outbound scraping, write...

CVSS 4.3, AI score 5.7, EPSS 0.00307
Exploits 0, References 6
Cvelist
added 2026/06/24 5:33 a.m., 35 views

CVE-2026-9619 Reviews and Rating <= 1.1.4 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Modification via sync_reviews AJAX Action

The Reviews and Rating – Docplanner plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 1.1.4. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers, with...

CVSS 4.3, EPSS 0.00307
Exploits 0, References 6
Patchstack
added 2026/06/23 4:40 p.m., 4 views

WordPress Reviews and Rating – Docplanner plugin <= 1.1.4 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Modification vulnerability

Missing Authorization to Authenticated Subscriber+ Arbitrary Modification vulnerability discovered by Benedictus Jovan aillesiM in WordPress Plugin Reviews and Rating – Docplanner versions <= 1.1.4...

CVSS 4.3, AI score 5.8, EPSS 0.00307
Exploits 0, References 1, Affected Software 1
NVD
added 2026/06/15 9:16 p.m., 7 views

CVE-2026-42639

Unauthenticated SQL Injection in GD Rating System <= 3.6.2 versions...

CVSS 9.3, EPSS 0.00283
Exploits 0, References 1
EUVD
added 2026/06/15 8:18 p.m., 5 views

EUVD-2026-36815

Unauthenticated SQL Injection in GD Rating System <= 3.6.2 versions...

CVSS 9.3, AI score 5.7, EPSS 0.00283
Exploits 0, References 1
Cvelist
added 2026/06/15 8:18 p.m., 27 views

CVE-2026-42639 WordPress GD Rating System plugin <= 3.6.2 - SQL Injection vulnerability

Unauthenticated SQL Injection in GD Rating System <= 3.6.2 versions...

CVSS 9.3, EPSS 0.00283
Exploits 0, References 1
Vulnrichment
added 2026/06/15 8:18 p.m., 6 views

CVE-2026-42639 WordPress GD Rating System plugin <= 3.6.2 - SQL Injection vulnerability

Unauthenticated SQL Injection in GD Rating System <= 3.6.2 versions...

CVSS 9.3, AI score 5.7, EPSS 0.00283
Exploits 0, References 1
CVE
added 2026/06/15 8:18 p.m., 9 views

CVE-2026-42639

CVE-2026-42639 concerns the WordPress plugin GD Rating System (versions

CVSS 9.3, AI score 5.7, EPSS 0.00283
Exploits 0, References 1
Positive Technologies
added 2026/06/15 12:0 a.m., 9 views

PT-2026-49441

Unauthenticated SQL Injection in GD Rating System <= 3.6.2 versions...

CVSS 9.3, AI score 5.7, EPSS 0.00283
Exploits 0, References 2
OPENSUSE Linux
added 2026/06/15 12:0 a.m., 5 views

libopenssl-3-devel-3.5.3-6.1 on GA media (moderate)

libopenssl-3-devel-3.5.3-6.1 on GA media Announcement ID: openSUSE-SU-2026:11023-1 Rating: moderate Cross-References: CVE-2026-34180 CVE-2026-34182 CVE-2026-34183 CVE-2026-42764 CVE-2026-42766 CVE-2026-42767 CVE-2026-42768 CVE-2026-42769 CVE-2026-42770 CVE-2026-45445 CVE-2026-45446 CVE-2026-45447...

CVSS 8.2, AI score 5.3, EPSS 0.02719
Exploits 0
OPENSUSE Linux
added 2026/06/14 12:0 a.m., 11 views

kernel-devel-7.0.12-1.1 on GA media (moderate)

kernel-devel-7.0.12-1.1 on GA media Announcement ID: openSUSE-SU-2026:11014-1 Rating: moderate Cross-References: CVE-2026-46244 CVE-2026-46273 CVE-2026-46274 CVE-2026-46275 CVE-2026-46276 CVE-2026-46277 CVE-2026-46278 CVE-2026-46279 CVE-2026-46280 CVE-2026-46281 CVE-2026-46282 CVE-2026-46283...

CVSS 7.8, AI score 5.3, EPSS 0.00457
Exploits 1
OPENSUSE Linux
added 2026/06/13 12:0 a.m., 5 views

postgresql-jdbc-42.7.11-1.1 on GA media (moderate)

postgresql-jdbc-42.7.11-1.1 on GA media Announcement ID: openSUSE-SU-2026:11001-1 Rating: moderate Cross-References: CVE-2026-42198 CVSS scores: CVE-2026-42198 SUSE : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: openSUSE Tumbleweed An update that solves one vulnerability ca...

CVSS 7.5, AI score 7.2, EPSS 0.0077
Exploits 0
OPENSUSE Linux
added 2026/06/11 12:0 a.m., 7 views

Security update for java-17-openj9 (important)

openSUSE Security Update: Security update for java-17-openj9 Announcement ID: openSUSE-SU-2025:0067-1 Rating: important References: 1204468 1204471 1204472 1204473 1204475 1204480 1204703 1206549 1207246 1207248 1207922 1210628 1210631 1210632 1210634 1210635 1210636 1210637 1211615 1213470 12134...

CVSS 7.5, AI score 6.3, EPSS 0.02474
Exploits 1, References 50