Lucene search
K

587 matches found

Patchstack
Patchstack
added 2026/02/02 2:52 p.m.6 views

WordPress Premium Addons PRO plugin <= 2.9.12 - Authenticated (Contributor+) Stored Cross-Site Scripting via Premium Magic Scroll Module vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Premium Magic Scroll Module vulnerability discovered by wesley wcraft in WordPress Plugin Premium Addons PRO versions = 2.9.12...

6.4CVSS5.4AI score0.00423EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/02 8:48 a.m.5 views

WordPress The Plus Addons for Elementor plugin <= 5.6.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via TP Page Scroll Widget vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via TP Page Scroll Widget vulnerability discovered by stealthcopter in WordPress Plugin The Plus Addons for Elementor Page Builder Lite versions = 5.6.2...

6.4CVSS5.3AI score0.00311EPSS
Exploits0References1Affected Software1
CNVD
CNVD
added 2026/02/02 12:0 a.m.7 views

Mozilla Firefox Code Execution Vulnerability (CNVD-2026-11797)

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. Mozilla Firefox suffers from a code execution vulnerability due to a use-after-release in the Layout: Scroll and Overflow component. An attacker can exploit this vulnerability to execute arbitrary code...

8.8CVSS6.6AI score0.00232EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/01/31 12:0 a.m.10 views

PT-2026-5501

The Ajax Load More – Infinite Scroll, Load More, & Lazy Load plugin for WordPress is vulnerable to unauthorized access of data due to incorrect authorization on the parse custom args function in all versions up to, and including, 7.8.1. This makes it possible for unauthenticated attackers to expo...

5.3CVSS5.9AI score0.00264EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/01/27 12:0 a.m.9 views

Mozilla Firefox 安全漏洞

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. Mozilla Firefox suffers from a code execution vulnerability due to a use-after-release in the Layout: Scroll and Overflow component. An attacker can exploit this vulnerability to execute arbitrary code...

8.8CVSS7.9AI score0.00232EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/01/13 12:24 a.m.4 views

SUSE CVE-2026-21884

React Router is a router for React. In @remix-run/react version prior to 2.17.3. and react-router 7.0.0 through 7.11.0, a XSS vulnerability exists in in React Router's API in Framework Mode when using the getKey/storageKey props during Server-Side Rendering which could allow arbitrary JavaScript...

8.2CVSS6.5AI score0.00472EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/01/12 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2026-21884

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - React Router is a router for React. In @remix-run/react version prior to 2.17.3. and react-router 7.0.0 through 7.11.0, a XSS vulnerability exists in in React...

8.2CVSS6.5AI score0.00472EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/01/10 5:41 a.m.6 views

CVE-2025-68892

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in [email protected] Scroll rss excerpt scroll-rss-excerpt allows Reflected XSS.This issue affects Scroll rss excerpt: from n/a through = 5.0...

7.1CVSS5.9AI score0.00149EPSS
Exploits0References1
NVD
NVD
added 2026/01/10 3:15 a.m.8 views

CVE-2026-21884

React Router is a router for React. In @remix-run/react version prior to 2.17.3. and react-router 7.0.0 through 7.11.0, a XSS vulnerability exists in in React Router's API in Framework Mode when using the getKey/storageKey props during Server-Side Rendering which could allow arbitrary JavaScript...

8.2CVSS0.00472EPSS
Exploits0References8
Cvelist
Cvelist
added 2026/01/10 2:41 a.m.26 views

CVE-2026-21884 React Router SSR XSS in ScrollRestoration

React Router is a router for React. In @remix-run/react version prior to 2.17.3. and react-router 7.0.0 through 7.11.0, a XSS vulnerability exists in in React Router's API in Framework Mode when using the getKey/storageKey props during Server-Side Rendering which could allow arbitrary JavaScript...

8.2CVSS0.00472EPSS
Exploits0References1
CVE
CVE
added 2026/01/10 2:41 a.m.31 views

CVE-2026-21884

CVE-2026-21884 is a Cross-Site Scripting (XSS) vulnerability in React Router SSR usage. Affected: @remix-run/react prior to 2.17.3 and react-router 7.0.0–7.11.0. Root cause: during Server-Side Rendering in Framework Mode, using getKey/storageKey with can allow arbitrary JavaScript execution if u...

8.2CVSS6.1AI score0.00472EPSS
Exploits0References8Affected Software2
Vulnrichment
Vulnrichment
added 2026/01/10 2:41 a.m.2 views

CVE-2026-21884 React Router SSR XSS in ScrollRestoration

React Router is a router for React. In @remix-run/react version prior to 2.17.3. and react-router 7.0.0 through 7.11.0, a XSS vulnerability exists in in React Router's API in Framework Mode when using the getKey/storageKey props during Server-Side Rendering which could allow arbitrary JavaScript...

8.2CVSS6.1AI score0.00472EPSS
Exploits0References1
OSV
OSV
added 2026/01/10 2:41 a.m.3 views

CVE-2026-21884 React Router SSR XSS in ScrollRestoration

React Router is a router for React. In @remix-run/react version prior to 2.17.3. and react-router 7.0.0 through 7.11.0, a XSS vulnerability exists in in React Router's API in Framework Mode when using the getKey/storageKey props during Server-Side Rendering which could allow arbitrary JavaScript...

8.2CVSS6.2AI score0.00472EPSS
Exploits0References3
EUVD
EUVD
added 2026/01/10 2:41 a.m.5 views

EUVD-2026-1466

React Router is a router for React. In @remix-run/react version prior to 2.17.3. and react-router 7.0.0 through 7.11.0, a XSS vulnerability exists in in React Router's API in Framework Mode when using the getKey/storageKey props during Server-Side Rendering which could allow arbitrary JavaScript...

8.2CVSS5.9AI score0.00472EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/01/09 9:17 a.m.6 views

CVE-2025-23444

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in nasir179125 Scroll Top Advanced scroll-top-advanced allows Stored XSS.This issue affects Scroll Top Advanced: from n/a through = 2.5...

6.5CVSS7.2AI score0.00355EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:47 a.m.9 views

CVE-2025-23651

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in adamskaat Scroll Top scroll-to-top-builder allows Reflected XSS.This issue affects Scroll Top: from n/a through = 1.3.3...

7.1CVSS7.2AI score0.00285EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:46 a.m.5 views

CVE-2025-23536

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in mndpsingh287 Track Page Scroll track-page-scroll allows Reflected XSS.This issue affects Track Page Scroll: from n/a through = 1.0.2...

7.1CVSS7.2AI score0.00342EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2026/01/08 8:50 p.m.8 views

React Router SSR XSS in ScrollRestoration

A XSS vulnerability exists in in React Router's API in Framework Mode when using the getKey/storageKey props during Server-Side Rendering which could allow arbitrary JavaScript execution during SSR if untrusted content is used to generate the keys. !NOTE This does not impact applications if...

8.2CVSS6.5AI score0.00472EPSS
Exploits0References3Affected Software2
Snyk
Snyk
added 2026/01/08 8:50 p.m.4 views

Cross-site Scripting (XSS)

Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via the ScrollRestoration API when using the getKey or storageKey props during server-side rendering in Framework Mode. An attacker can execute arbitrary JavaScript code by supplying untrusted content to generat...

8.2CVSS5.4AI score0.00472EPSS
Exploits0References2
OSV
OSV
added 2026/01/08 8:50 p.m.4 views

GHSA-8V8X-CX79-35W7 React Router SSR XSS in ScrollRestoration

A XSS vulnerability exists in in React Router's API in Framework Mode when using the getKey/storageKey props during Server-Side Rendering which could allow arbitrary JavaScript execution during SSR if untrusted content is used to generate the keys. !NOTE This does not impact applications if...

8.2CVSS6.3AI score0.00472EPSS
Exploits0References3
Rows per page
Query Builder