Lucene search
K

115 matches found

Nuclei
Nuclei
added 9 hours ago73 views

TablePress < 2.4.3 - XXE Injection

The PHPSpreadsheet library used by the plugin is affected by an XXE as the security scanner that prevents XXE attacks in the XLSX reader can be bypassed by slightly modifying the XML structure, utilizing white spaces. On servers that allow users to upload their own Excel XLSX sheets, Server files...

7.5CVSS6.1AI score0.02859EPSS
Exploits1References4
NVD
NVD
added 2026/06/25 2:16 p.m.6 views

CVE-2026-56051

Unauthenticated Cross Site Scripting XSS in TablePress = 3.3.1 versions...

7.1CVSS0.0018EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 1:12 p.m.5 views

EUVD-2026-39381

Unauthenticated Cross Site Scripting XSS in TablePress = 3.3.1 versions...

7.1CVSS5.8AI score0.0018EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/25 1:12 p.m.33 views

CVE-2026-56051 WordPress TablePress plugin <= 3.3.1 - Reflected Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting XSS in TablePress = 3.3.1 versions...

7.1CVSS0.0018EPSS
Exploits0References1
CVE
CVE
added 2026/06/25 1:12 p.m.15 views

CVE-2026-56051

The CVE-2026-56051 entry describes an unauthenticated reflected XSS vulnerability in the WordPress TablePress plugin, affecting versions

7.1CVSS5.8AI score0.0018EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/25 1:12 p.m.4 views

CVE-2026-56051

Unauthenticated Cross Site Scripting XSS in TablePress = 3.3.1 versions...

7.1CVSS5.8AI score0.0018EPSS
Exploits0References2
Patchstack
Patchstack
added 2026/06/25 9:48 a.m.10 views

WordPress TablePress plugin <= 3.3.1 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Bonds in WordPress Plugin TablePress versions = 3.3.1...

7.1CVSS5.8AI score0.0018EPSS
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.10 views

PT-2026-52433

Name of the Vulnerable Software and Affected Versions TablePress versions prior to 3.3.2 Description An unauthenticated cross-site scripting XSS flaw allows malicious script content to be injected via user-controlled input rendered by the plugin. The issue stems from improper input validation and...

7.1CVSS5.8AI score0.0018EPSS
Exploits0References5
Patchstack
Patchstack
added 2026/05/01 9:16 a.m.6 views

WordPress TablePress – Tables in WordPress made easy plugin <= 3.0.2 - Unauthenticated Reflected Cross-Site Scripting vulnerability

Unauthenticated Reflected Cross-Site Scripting vulnerability discovered by Asaf Mozes in WordPress Plugin TablePress versions = 3.0.2...

6.1CVSS5.8AI score0.00276EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2025/11/05 3:7 a.m.18 views

CVE-2025-12324

The TablePress – Tables in WordPress made easy plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's table shortcode attributes in all versions up to, and including, 3.2.3 due to insufficient input sanitization and output escaping on user supplied attributes. This mak...

6.4CVSS5AI score0.00176EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/11/04 4:46 a.m.6 views

WordPress TablePress plugin <= 3.2.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Shortcode Attributes vulnerability discovered by Rafshanzani Suhada in WordPress Plugin TablePress versions = 3.2.4...

6.4CVSS5.8AI score0.00176EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2025/11/04 3:15 a.m.7 views

CVE-2025-12324

The TablePress – Tables in WordPress made easy plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's table shortcode attributes in all versions up to, and including, 3.2.3 due to insufficient input sanitization and output escaping on user supplied attributes. This mak...

6.4CVSS0.00176EPSS
Exploits0References2
CVE
CVE
added 2025/11/04 2:26 a.m.25 views

CVE-2025-12324

CVE-2025-12324 affects the WordPress plugin TablePress (versions up to 3.2.3). The vulnerability is a Stored Cross-Site Scripting via table shortcode attributes caused by insufficient input sanitization and output escaping. Exploitation requires at least contributor-level access; an attacker can ...

6.4CVSS4.7AI score0.00176EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/11/04 2:26 a.m.8 views

CVE-2025-12324 TablePress – Tables in WordPress made easy <= 3.2.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes

The TablePress – Tables in WordPress made easy plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's table shortcode attributes in all versions up to, and including, 3.2.3 due to insufficient input sanitization and output escaping on user supplied attributes. This mak...

6.4CVSS4.7AI score0.00176EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/11/04 2:26 a.m.9 views

CVE-2025-12324 TablePress – Tables in WordPress made easy <= 3.2.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes

The TablePress – Tables in WordPress made easy plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's table shortcode attributes in all versions up to, and including, 3.2.3 due to insufficient input sanitization and output escaping on user supplied attributes. This mak...

6.4CVSS0.00176EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/11/04 12:0 a.m.9 views

WordPress plugin TablePress 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site...

6.4CVSS5.8AI score0.00176EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/11/04 12:0 a.m.8 views

PT-2025-44915

Name of the Vulnerable Software and Affected Versions TablePress versions up to and including 3.2.3 Description The TablePress plugin for WordPress is susceptible to Stored Cross-Site Scripting through the table shortcode attributes. Insufficient input sanitization and output escaping on...

6.4CVSS5.2AI score0.00176EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2019-10734

Malware in sbrugna...

6.8CVSS6.5AI score0.02326EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2017-2529

Malware in sbrugna...

4.3CVSS4.6AI score0.01058EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2024-21272

Malicious code in bioql PyPI...

4.9CVSS5.4AI score0.00549EPSS
Exploits1References2
Rows per page
Query Builder