Lucene search
K

118 matches found

CNNVD
CNNVD
added 2025/11/01 12:0 a.m.6 views

WordPress plugin RESTful Content Syndication 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A code issue...

8.8CVSS7.9AI score0.00493EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2015-9335

Malware in sbrugna...

6.1CVSS6.3AI score0.01011EPSS
Exploits2References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2018-7470

Malware in sbrugna...

6.1CVSS6.2AI score0.02261EPSS
Exploits5References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.2 views

EUVD-2024-45496

Malicious code in bioql PyPI...

7.1CVSS8.7AI score0.00275EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-4219

Malicious code in bioql PyPI...

7.1CVSS8.7AI score0.00231EPSS
Exploits0References2
CVE
CVE
added 2025/08/26 12:0 a.m.14 views

CVE-2024-45753

Affected software: Mahara 23.04.8 and 24.04.4. Vulnerability: In the external RSS feed block, an external feed XML containing a malicious value for the link attribute can cause a cross-site scripting (XSS) attack. Impact (as described): Cross-site scripting due to unsafe link values in RSS feed i...

6.1CVSS6.3AI score0.00188EPSS
Exploits0References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/08/19 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2025-52567

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. In versions 0.84...

5CVSS5AI score0.0018EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/07/30 12:0 a.m.4 views

GLPI 代码问题漏洞

GLPI is an open source IT and asset management software from GLPI Open Source. The software provides a full-featured IT resource management interface that you can use to build databases to fully manage IT computers, monitors, servers, printers, network devices, phones, and even toner and ink...

5CVSS4.7AI score0.0018EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/22 5:17 a.m.6 views

CVE-2015-9495

The syndication-links plugin before 1.0.3 for WordPress has XSS via the genericons/example.html anchor identifier...

6.1CVSS6.1AI score0.01011EPSS
Exploits2References1
OSV
OSV
added 2025/04/25 3:15 p.m.2 views

UBUNTU-CVE-2025-3636

A flaw was found in Moodle. This vulnerability allows unauthorized users to access and view RSS feeds due to insufficient capability checks...

4.3CVSS5.7AI score0.00278EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/02/15 2:23 p.m.7 views

CVE-2025-26552

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in badrHan Naver Syndication V2 badr-naver-syndication allows Stored XSS.This issue affects Naver Syndication V2: from n/a through = 0.8.3...

7.1CVSS7.2AI score0.00231EPSS
Exploits0References1
NVD
NVD
added 2025/02/13 2:16 p.m.10 views

CVE-2025-26552

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in badrHan Naver Syndication V2 badr-naver-syndication allows Stored XSS.This issue affects Naver Syndication V2: from n/a through = 0.8.3...

7.1CVSS0.00231EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/02/13 1:52 p.m.7 views

CVE-2025-26552 WordPress Naver Syndication V2 plugin <= 0.8.3 - CSRF to Stored Cross-Site Scripting vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in badrHan Naver Syndication V2 allows Stored XSS. This issue affects Naver Syndication V2: from n/a through 0.8.3...

7.1CVSS6.8AI score0.00231EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/02/13 1:52 p.m.21 views

CVE-2025-26552 WordPress Naver Syndication V2 plugin <= 0.8.3 - CSRF to Stored Cross-Site Scripting vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in badrHan Naver Syndication V2 badr-naver-syndication allows Stored XSS.This issue affects Naver Syndication V2: from n/a through = 0.8.3...

7.1CVSS0.00231EPSS
Exploits0References1
CVE
CVE
added 2025/02/13 1:52 p.m.62 views

CVE-2025-26552

CVE-2025-26552 affects the WordPress plugin Naver Syndication V2 (versions up to 0.8.3). It describes a CSRF-to-Stored Cross‑Site Scripting vulnerability caused by improper input neutralization during web page generation. Public details in provided documents confirm the issue and affected product...

7.1CVSS7.2AI score0.00231EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/02/13 12:47 p.m.4 views

WordPress Naver Syndication V2 plugin <= 0.8.3 - CSRF to Stored Cross-Site Scripting vulnerability

CSRF to Stored Cross-Site Scripting vulnerability discovered by Abdi Pranata in WordPress Plugin Naver Syndication V2 versions = 0.8.3...

7.1CVSS5.8AI score0.00231EPSS
Exploits0Affected Software1
CNNVD
CNNVD
added 2025/02/13 12:0 a.m.3 views

WordPress plugin Naver Syndication 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...

7.1CVSS7.7AI score0.00231EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 3:24 a.m.5 views

CVE-2024-51696

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ben.moody Content Syndication Toolkit Reader content-syndication-toolkit-reader allows Reflected XSS.This issue affects Content Syndication Toolkit Reader: from n/a through = 1.5...

7.1CVSS7.2AI score0.00275EPSS
Exploits0References1
OSV
OSV
added 2024/11/18 12:15 p.m.2 views

UBUNTU-CVE-2024-48897

A vulnerability was found in Moodle. Additional checks are required to ensure users can only edit or delete RSS feeds that they have permission to modify...

6.5CVSS5.8AI score0.00284EPSS
Exploits0References3
NVD
NVD
added 2024/11/09 1:15 p.m.6 views

CVE-2024-51696

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ben.moody Content Syndication Toolkit Reader content-syndication-toolkit-reader allows Reflected XSS.This issue affects Content Syndication Toolkit Reader: from n/a through = 1.5...

7.1CVSS0.00275EPSS
Exploits0References1
Rows per page
Query Builder