Lucene search
K

380 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 2:8 a.m.13 views

CVE-2023-6486

The Spectra – WordPress Gutenberg Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Custom CSS metabox in all versions up to and including 2.10.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

6.4CVSS5.8AI score0.00572EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:39 p.m.6 views

CVE-2020-10369

Certain Cypress and Broadcom Wireless Combo chips, when a January 2021 firmware update is not present, allow inferences about memory content via a "Spectra" attack...

5.5CVSS7AI score0.00374EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:23 p.m.8 views

CVE-2020-25966

Sectona Spectra before 3.4.0 has a vulnerable SOAP API endpoint that leaks sensitive information about the configured assets without proper authentication. This could be used by unauthorized parties to get configured login credentials of the assets via a modified pAccountID value. NOTE: The vendo...

7.5CVSS6.3AI score0.01353EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/22 1:29 p.m.7 views

CVE-2018-7827

A Cross-Site Scripting XSS vulnerability exists in the 1st Gen. Pelco Sarix Enhanced Camera and Spectra Enhanced PTZ Camera which a remote attacker can execute arbitrary HTML and script code in a user’s browser session...

5.4CVSS6AI score0.00818EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:23 a.m.11 views

CVE-2018-7828

A Cross-Site Request Forgery CSRF vulnerability exists in the 1st Gen. Pelco Sarix Enhanced Camera and Spectra Enhanced PTZ Camera when an authenticated user clicks a specially crafted malicious link while logged into the camera...

8.8CVSS6.9AI score0.00572EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/03/26 5:22 a.m.14 views

CVE-2025-1784 Spectra – WordPress Gutenberg Blocks <= 2.19.0 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Spectra – WordPress Gutenberg Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the uagb block in all versions up to, and including, 2.19.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

6.4CVSS0.00273EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/03/26 5:22 a.m.5 views

CVE-2025-1784 Spectra – WordPress Gutenberg Blocks <= 2.19.0 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Spectra – WordPress Gutenberg Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the uagb block in all versions up to, and including, 2.19.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

6.4CVSS5.9AI score0.00273EPSS
Exploits0References3
CVE
CVE
added 2025/03/26 5:22 a.m.64 views

CVE-2025-1784

CVE-2025-1784 affects Spectra Gutenberg Blocks – Website Builder for the Block Editor. The Red Hat advisory confirms a Stored Cross-Site Scripting vulnerability in the uagb block for all versions up to 2.19.0, caused by insufficient input sanitization and output escaping. Exploitation requires au...

6.4CVSS5.9AI score0.00273EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/03/26 12:0 a.m.4 views

WordPress plugin Spectra 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

6.4CVSS8AI score0.00273EPSS
Exploits0References3
Patchstack
Patchstack
added 2025/03/25 7:5 p.m.7 views

WordPress Spectra plugin <= 2.19.0 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Peter Thaleikis in WordPress Plugin Spectra versions = 2.19.0...

6.4CVSS5.7AI score0.00273EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2025/02/05 10:11 a.m.9 views

CVE-2024-3828

The Spectra Pro plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.1.5. This is due to the plugin allowing lower-privileged users to create registration forms and set the default role to administrator This makes it possible for authenticated...

8.8CVSS6.7AI score0.00563EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 3:36 a.m.8 views

CVE-2024-45367

The web server for ONS-S8 - Spectra Aggregation Switch includes an incomplete authentication process, which can lead to an attacker authenticating without a password...

9.3CVSS7.2AI score0.0052EPSS
Exploits0References1
OSV
OSV
added 2024/12/09 1:15 p.m.4 views

CVE-2023-23825

Missing Authorization vulnerability in Brainstorm Force Spectra allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Spectra: from n/a through 2.3.0...

8.8CVSS5.8AI score0.00539EPSS
Exploits0References1
NVD
NVD
added 2024/12/09 1:15 p.m.30 views

CVE-2023-23834

Missing Authorization vulnerability in Brainstorm Force Spectra allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Spectra: from n/a through 2.3.0...

9.8CVSS0.00642EPSS
Exploits0References1
OSV
OSV
added 2024/12/09 1:15 p.m.4 views

CVE-2023-23834

Missing Authorization vulnerability in Brainstorm Force Spectra allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Spectra: from n/a through 2.3.0...

9.8CVSS5.8AI score0.00642EPSS
Exploits0References1
NVD
NVD
added 2024/12/09 1:15 p.m.31 views

CVE-2023-23825

Missing Authorization vulnerability in Brainstorm Force Spectra allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Spectra: from n/a through 2.3.0...

8.8CVSS0.00539EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/12/09 11:31 a.m.41 views

CVE-2023-23825 WordPress Spectra – WordPress Gutenberg Blocks plugin <= 2.3.0 - Broken Access Control + CSRF on Import_WPforms vulnerability

Missing Authorization vulnerability in Brainstorm Force Spectra allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Spectra: from n/a through 2.3.0...

3.1CVSS0.00539EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/12/09 11:31 a.m.9 views

CVE-2023-23825 WordPress Spectra – WordPress Gutenberg Blocks plugin <= 2.3.0 - Broken Access Control + CSRF on Import_WPforms vulnerability

Missing Authorization vulnerability in Brainstorm Force Spectra allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Spectra: from n/a through 2.3.0...

3.1CVSS5.1AI score0.00539EPSS
Exploits0References1
CVE
CVE
added 2024/12/09 11:31 a.m.65 views

CVE-2023-23825

CVE-2023-23825 affects the Brainstorm Force Spectra WordPress plugin, specifically Spectra versions through 2.3.0. The issue is described as a Missing Authorization vulnerability stemming from incorrectly configured access control, leading to Broken Access Control. Public sources in the connected...

8.8CVSS5.1AI score0.00539EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/12/09 11:31 a.m.52 views

CVE-2023-23834 WordPress Spectra – WordPress Gutenberg Blocks plugin <= 2.3.0 - Broken Access Control + CSRF on Activate_Plugin vulnerability

Missing Authorization vulnerability in Brainstorm Force Spectra allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Spectra: from n/a through 2.3.0...

4.3CVSS0.00642EPSS
Exploits0References1
Rows per page
Query Builder