Lucene search
K

587 matches found

Snyk
Snyk
added 2026/01/08 8:50 p.m.3 views

Cross-site Scripting (XSS)

Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via the ScrollRestoration API when using the getKey or storageKey props during server-side rendering in Framework Mode. An attacker can execute arbitrary JavaScript code by supplying untrusted content to generat...

8.2CVSS5.4AI score0.00472EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/01/08 8:50 p.m.8 views

React Router SSR XSS in ScrollRestoration

A XSS vulnerability exists in in React Router's API in Framework Mode when using the getKey/storageKey props during Server-Side Rendering which could allow arbitrary JavaScript execution during SSR if untrusted content is used to generate the keys. !NOTE This does not impact applications if...

8.2CVSS6.5AI score0.00472EPSS
Exploits0References3Affected Software2
NVD
NVD
added 2026/01/08 10:15 a.m.5 views

CVE-2025-68892

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in [email protected] Scroll rss excerpt scroll-rss-excerpt allows Reflected XSS.This issue affects Scroll rss excerpt: from n/a through = 5.0...

7.1CVSS0.00149EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/01/08 9:17 a.m.30 views

CVE-2025-68892 WordPress Scroll rss excerpt plugin <= 5.0 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in [email protected] Scroll rss excerpt scroll-rss-excerpt allows Reflected XSS.This issue affects Scroll rss excerpt: from n/a through = 5.0...

7.1CVSS0.00149EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/01/08 9:17 a.m.3 views

CVE-2025-68892 WordPress Scroll rss excerpt plugin <= 5.0 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in [email protected] Scroll rss excerpt scroll-rss-excerpt allows Reflected XSS.This issue affects Scroll rss excerpt: from n/a through = 5.0...

7.1CVSS6AI score0.00149EPSS
Exploits0References1
CVE
CVE
added 2026/01/08 9:17 a.m.11 views

CVE-2025-68892

CVE-2025-68892 — Reflected XSS in the WordPress plugin Scroll rss excerpt (vulnerable through version

7.1CVSS6AI score0.00149EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/01/08 12:0 a.m.3 views

WordPress plugin Scroll rss excerpt 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

7.1CVSS5.9AI score0.00149EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/01/08 12:0 a.m.6 views

PT-2026-2120

Name of the Vulnerable Software and Affected Versions @remix-run/react versions prior to 2.17.3 react-router versions 7.0.0 through 7.11.0 Description React Router, a router for React, contains a cross-site scripting XSS issue within the API when operating in Framework Mode during Server-Side...

8.2CVSS5.8AI score0.00472EPSS
Exploits0References19
Positive Technologies
Positive Technologies
added 2026/01/08 12:0 a.m.7 views

PT-2026-1930

Name of the Vulnerable Software and Affected Versions Scroll rss excerpt versions n/a through 5.0 Description The software contains an Improper Neutralization of Input During Web Page Generation issue, specifically a Reflected Cross-Site Scripting XSS condition. This allows for the injection of...

6.1CVSS5.9AI score0.00149EPSS
Exploits0References5
Patchstack
Patchstack
added 2025/12/29 12:15 p.m.5 views

WordPress Scroll rss excerpt plugin <= 5.0 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Nguyen Xuan Chien in WordPress Plugin Scroll rss excerpt versions = 5.0...

6.1CVSS6.1AI score0.00149EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2025/12/19 7:32 a.m.6 views

CVE-2025-60072

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Processby Anchor smooth scroll anchor-smooth-scroll allows PHP Local File Inclusion.This issue affects Anchor smooth scroll: from n/a through = 1.0.2...

8.1CVSS7.1AI score0.00415EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/18 9:30 a.m.5 views

EUVD-2025-204113

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Processby Anchor smooth scroll anchor-smooth-scroll allows PHP Local File Inclusion.This issue affects Anchor smooth scroll: from n/a through = 1.0.2...

8.2CVSS6.6AI score0.00415EPSS
Exploits0References2
NVD
NVD
added 2025/12/18 8:16 a.m.5 views

CVE-2025-60072

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Processby Anchor smooth scroll anchor-smooth-scroll allows PHP Local File Inclusion.This issue affects Anchor smooth scroll: from n/a through = 1.0.2...

8.1CVSS0.00415EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/18 7:22 a.m.1 views

CVE-2025-60072 WordPress Anchor smooth scroll plugin <= 1.0.2 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Processby Anchor smooth scroll anchor-smooth-scroll allows PHP Local File Inclusion.This issue affects Anchor smooth scroll: from n/a through = 1.0.2...

8.1CVSS6.7AI score0.00415EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/18 7:22 a.m.24 views

CVE-2025-60072 WordPress Anchor smooth scroll plugin <= 1.0.2 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Processby Anchor smooth scroll anchor-smooth-scroll allows PHP Local File Inclusion.This issue affects Anchor smooth scroll: from n/a through = 1.0.2...

8.1CVSS0.00415EPSS
Exploits0References1
CVE
CVE
added 2025/12/18 7:22 a.m.8 views

CVE-2025-60072

CVE-2025-60072 affects the WordPress plugin Anchor smooth scroll, versions

8.1CVSS6.7AI score0.00415EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/12/18 12:0 a.m.4 views

WordPress plugin Anchor smooth scroll 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plug-in. A security...

8.1CVSS6.6AI score0.00415EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/12/18 12:0 a.m.4 views

PT-2025-52133

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Processby Anchor smooth scroll anchor-smooth-scroll allows PHP Local File Inclusion.This issue affects Anchor smooth scroll: from n/a through = 1.0.2...

7.1AI score0.00415EPSS
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/25 12:16 a.m.9 views

Malicious code in @oku-ui/scroll-area (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector feec27c9dd0a9e2e311e7acfd63e100ca5a09fe90c7e8aeb9237e7722ea49a77 The package @oku-ui/scroll-area was found to contain malicious code. Source: google-open-source-security...

6.9AI score
Exploits0References3
EUVD
EUVD
added 2025/11/25 12:16 a.m.4 views

EUVD-2025-199467

Malicious code in @oku-ui/scroll-area npm...

6.6AI score
Exploits0References3
Rows per page
Query Builder