Lucene search
+L

277 matches found

nuclei
nuclei
added yesterday21 views

tagDiv Composer < 4.2 - Stored Cross-Site Scripting

tagDiv Composer plugin versions before 4.2 for WordPress are vulnerable to unauthenticated stored XSS via the /wp-json/tdw/savecss endpoint. An attacker can inject malicious JavaScript code through the compiledcss parameter, which gets stored and executed when the CSS is loaded. id: CVE-2023-3169...

6.1CVSS6.8AI score0.01582EPSS
Exploits2References2
nuclei
nuclei
added yesterday10 views

WordPress tagDiv Composer < 3.5 - Authentication Bypass

The tagDiv Composer WordPress plugin before 3.5, required by the Newspaper WordPress theme before 12.1 and Newsmag WordPress theme before 5.2.2, does not properly implement the Facebook login feature, allowing unauthenticated attackers to login as any user by just knowing their email address id:...

9.8CVSS7AI score0.03546EPSS
Exploits2References2
nuclei
nuclei
added yesterday269 views

WordPress Newspaper < 12 - Cross-Site Scripting

WordPress Newspaper theme before 12 is susceptible to cross-site scripting. The does not sanitize a parameter before outputting it back in an HTML attribute via an AJAX action. An attacker can potentially execute malware, obtain sensitive information, modify data, and/or execute unauthorized...

6.1CVSS6AI score0.00969EPSS
Exploits2References2
nvd
nvd
added 3 days ago5 views

CVE-2026-57732

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in tagDiv tagDiv Opt-In Builder td-subscription allows DOM-Based XSS.This issue affects tagDiv Opt-In Builder: from n/a through = 1.7.4...

7.1CVSS0.0018EPSS
Exploits0References1
nvd
nvd
added 3 days ago3 views

CVE-2026-57733

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in tagDiv tagDiv Cloud Library td-cloud-library allows DOM-Based XSS.This issue affects tagDiv Cloud Library: from n/a through = 3.9.4...

7.1CVSS0.0018EPSS
Exploits0References1
nvd
nvd
added 3 days ago4 views

CVE-2026-57734

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in tagDiv tagDiv Composer td-composer allows Reflected XSS.This issue affects tagDiv Composer: from n/a through = 5.4.3...

7.1CVSS0.0018EPSS
Exploits0References1
cve
cve
added 3 days ago12 views

CVE-2026-57733

The CVE-2026-57733 entry concerns the WordPress plugin tagDiv Cloud Library (td-cloud-library) with versions

7.1CVSS6.1AI score0.0018EPSS
Exploits0References1
cvelist
cvelist
added 3 days ago28 views

CVE-2026-57733 WordPress tagDiv Cloud Library plugin <= 3.9.4 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in tagDiv tagDiv Cloud Library td-cloud-library allows DOM-Based XSS.This issue affects tagDiv Cloud Library: from n/a through = 3.9.4...

7.1CVSS0.0018EPSS
Exploits0References1
cvelist
cvelist
added 3 days ago28 views

CVE-2026-57734 WordPress tagDiv Composer plugin <= 5.4.3 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in tagDiv tagDiv Composer td-composer allows Reflected XSS.This issue affects tagDiv Composer: from n/a through = 5.4.3...

7.1CVSS0.0018EPSS
Exploits0References1
cve
cve
added 3 days ago12 views

CVE-2026-57734

The CVE concerns WordPress tagDiv Composer (td-composer). Affected: tagDiv Composer

7.1CVSS6.1AI score0.0018EPSS
Exploits0References1
cve
cve
added 3 days ago11 views

CVE-2026-57732

CVE-2026-57732 : A DOM-based Cross-Site Scripting (XSS) vulnerability exists in the WordPress plugin tagDiv Opt-In Builder (td-subscription), affecting versions

7.1CVSS6.1AI score0.0018EPSS
Exploits0References1
cvelist
cvelist
added 3 days ago28 views

CVE-2026-57732 WordPress tagDiv Opt-In Builder plugin <= 1.7.4 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in tagDiv tagDiv Opt-In Builder td-subscription allows DOM-Based XSS.This issue affects tagDiv Opt-In Builder: from n/a through = 1.7.4...

7.1CVSS0.0018EPSS
Exploits0References1
patchstack
patchstack
added 2026/07/06 1:23 p.m.4 views

WordPress tagDiv Composer plugin <= 5.4.5 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Bonds in WordPress Plugin tagDiv Composer versions = 5.4.5...

7.1CVSS6.1AI score0.0018EPSS
Exploits0Affected Software1
patchstack
patchstack
added 2026/07/06 1:22 p.m.4 views

WordPress tagDiv Cloud Library plugin <= 3.9.4 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Bonds in WordPress Plugin tagDiv Cloud Library versions = 3.9.4...

7.1CVSS5.9AI score0.0018EPSS
Exploits0Affected Software1
patchstack
patchstack
added 2026/07/06 1:20 p.m.5 views

WordPress tagDiv Opt-In Builder plugin <= 1.7.4 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Bonds in WordPress Plugin tagDiv Opt-In Builder versions = 1.7.4...

7.1CVSS5.9AI score0.0018EPSS
Exploits0Affected Software1
redhatcve
redhatcve
added 2026/04/29 2:49 p.m.8 views

CVE-2026-39712

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in tagDiv tagDiv Composer td-composer allows Code Injection.This issue affects tagDiv Composer: from n/a through = 5.4.3...

5.3CVSS5.2AI score0.00166EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/04/29 2:48 p.m.7 views

CVE-2026-39692

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in tagDiv tagDiv Composer td-composer allows Stored XSS.This issue affects tagDiv Composer: from n/a through = 5.4.3...

6.5CVSS5.2AI score0.0013EPSS
Exploits0References1
euvd
euvd
added 2026/04/08 9:31 a.m.22 views

EUVD-2026-20387

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in tagDiv tagDiv Composer td-composer allows Stored XSS.This issue affects tagDiv Composer: from n/a through = 5.4.3...

6.5CVSS5.9AI score0.0013EPSS
Exploits0References2
euvd
euvd
added 2026/04/08 9:31 a.m.10 views

EUVD-2026-20421

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in tagDiv tagDiv Composer td-composer allows Code Injection.This issue affects tagDiv Composer: from n/a through = 5.4.3...

5.3CVSS5.9AI score0.00166EPSS
Exploits0References2
nvd
nvd
added 2026/04/08 9:16 a.m.4 views

CVE-2026-39712

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in tagDiv tagDiv Composer td-composer allows Code Injection.This issue affects tagDiv Composer: from n/a through = 5.4.3...

5.3CVSS0.00166EPSS
Exploits0References1
Rows per page
Query Builder