Lucene search
K

250 matches found

EUVD
EUVD
added yesterday5 views

EUVD-2026-41819

The Ultimate Member WordPress plugin before 2.12.0 does not properly sanitise and escape the value of custom textarea profile fields before outputting it on user profiles, allowing authenticated users with Subscriber-level access and above to store JavaScript that executes when any user, includin...

8CVSS6AI score0.00165EPSS
Exploits0References1
Cvelist
Cvelist
added yesterday16 views

CVE-2026-11766 Ultimate Member < 2.12.0 - Subscriber+ Stored XSS via Custom Textarea Profile Fields

The Ultimate Member WordPress plugin before 2.12.0 does not properly sanitise and escape the value of custom textarea profile fields before outputting it on user profiles, allowing authenticated users with Subscriber-level access and above to store JavaScript that executes when any user, includin...

0.00165EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added yesterday4 views

CVE-2026-11766

The Ultimate Member WordPress plugin before 2.12.0 does not properly sanitise and escape the value of custom textarea profile fields before outputting it on user profiles, allowing authenticated users with Subscriber-level access and above to store JavaScript that executes when any user, includin...

8CVSS6AI score0.00165EPSS
Exploits0References1
CVE
CVE
added yesterday10 views

CVE-2026-11766

CVE-2026-11766 affects the Ultimate Member WordPress plugin (before 2.12.0). The vulnerability is a stored XSS in custom textarea profile fields: unescaped/sanitised values are output on user profiles, enabling an authenticated user with Subscriber-level access and above to inject JavaScript that...

8CVSS6AI score0.00165EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/10 12:0 a.m.18 views

PT-2026-48393

The MW WP Form plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'memo' parameter in all versions up to, and including, 5.1.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with editor-level access and above,...

4.4CVSS5.7AI score0.00201EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2026/06/05 7:28 p.m.8 views

CVE-2026-4142

The Sentence To SEO keywords, description and tags plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Permanent keywords' field in all versions up to and including 1.0. This is due to insufficient input sanitization and output escaping. The plugin reads user input via...

4.4CVSS5.7AI score0.00326EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:27 p.m.10 views

CVE-2026-40186

ApostropheCMS is an open-source Node.js content management system. A regression introduced in commit 49d0bb7, included in versions 2.17.1 of the ApostropheCMS-maintained sanitize-html package bypasses allowedTags enforcement for text inside nonTextTagsArray elements textarea and option...

6.1CVSS5.7AI score0.00235EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:26 p.m.9 views

CVE-2026-39960

Mantis Bug Tracker MantisBT is an open source issue tracker. Versions 2.28.1 and below contain flawed logic that causes improper escaping of a textarea custom field's contents in the Update Issue page, bugupdatepage.php allowing an attacker to inject HTML and, if CSP settings permit, execute...

5.4CVSS5.7AI score0.0023EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/05/30 8:13 a.m.15 views

CVE-2026-41897

Mantis Bug Tracker MantisBT is an open source issue tracker. From 1.0.0 to 2.28.1, lack of validation of filtertarget parameter on returndynamicfilters.php normally used as an AJAX in View Issues Page allows an attacker to inject arbitrary HTML if the target is a TEXTAREA custom field. This...

5.3CVSS5.9AI score0.00281EPSS
Exploits0References1
NVD
NVD
added 2026/05/28 9:16 p.m.12 views

CVE-2026-41897

Mantis Bug Tracker MantisBT is an open source issue tracker. From 1.0.0 to 2.28.1, lack of validation of filtertarget parameter on returndynamicfilters.php normally used as an AJAX in View Issues Page allows an attacker to inject arbitrary HTML if the target is a TEXTAREA custom field. This...

5.3CVSS0.00281EPSS
Exploits0References3
CVE
CVE
added 2026/05/28 8:26 p.m.22 views

CVE-2026-41897

CVE-2026-41897 affects MantisBT (Mantis Bug Tracker) from versions 1.0.0 through 2.28.1. The root cause is lack of validation of the filter_target parameter in return_dynamic_filters.php, used for AJAX on the View Issues page, which allows an attacker to inject arbitrary HTML when the target is a...

5.3CVSS5.9AI score0.00281EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/28 8:26 p.m.28 views

CVE-2026-41897 MantisBT: Reflected XSS in Rendering Dynamic Custom Textarea Field

Mantis Bug Tracker MantisBT is an open source issue tracker. From 1.0.0 to 2.28.1, lack of validation of filtertarget parameter on returndynamicfilters.php normally used as an AJAX in View Issues Page allows an attacker to inject arbitrary HTML if the target is a TEXTAREA custom field. This...

5.3CVSS0.00281EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/28 8:26 p.m.11 views

EUVD-2026-33024

Mantis Bug Tracker MantisBT is an open source issue tracker. From 1.0.0 to 2.28.1, lack of validation of filtertarget parameter on returndynamicfilters.php normally used as an AJAX in View Issues Page allows an attacker to inject arbitrary HTML if the target is a TEXTAREA custom field. This...

5.3CVSS5.9AI score0.00281EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/05/28 8:26 p.m.11 views

CVE-2026-41897

Mantis Bug Tracker MantisBT is an open source issue tracker. From 1.0.0 to 2.28.1, lack of validation of filtertarget parameter on returndynamicfilters.php normally used as an AJAX in View Issues Page allows an attacker to inject arbitrary HTML if the target is a TEXTAREA custom field. This...

5.3CVSS5.9AI score0.00281EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2026/05/20 10:16 p.m.16 views

CVE-2026-39960

Mantis Bug Tracker MantisBT is an open source issue tracker. Versions 2.28.1 and below contain flawed logic that causes improper escaping of a textarea custom field's contents in the Update Issue page, bugupdatepage.php allowing an attacker to inject HTML and, if CSP settings permit, execute...

5.4CVSS0.0023EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/20 9:11 p.m.7 views

CVE-2026-39960

Mantis Bug Tracker MantisBT is an open source issue tracker. Versions 2.28.1 and below contain flawed logic that causes improper escaping of a textarea custom field's contents in the Update Issue page, bugupdatepage.php allowing an attacker to inject HTML and, if CSP settings permit, execute...

5.4CVSS6AI score0.0023EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2026/05/20 9:11 p.m.24 views

CVE-2026-39960

MantisBT (versions ≤ 2.28.1) is vulnerable to Stored XSS via improper escaping of a textarea custom field on the Update Issue page (bug_update_page.php). The flaw allows an attacker, authenticated with bug report permission, to inject HTML and potentially execute JavaScript when the page loads, e...

5.4CVSS6AI score0.0023EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/20 9:11 p.m.8 views

CVE-2026-39960 MantisBT is Vulnerable to Stored XSS through Custom Field Textarea Values

Mantis Bug Tracker MantisBT is an open source issue tracker. Versions 2.28.1 and below contain flawed logic that causes improper escaping of a textarea custom field's contents in the Update Issue page, bugupdatepage.php allowing an attacker to inject HTML and, if CSP settings permit, execute...

5.4CVSS6AI score0.0023EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/20 9:11 p.m.15 views

EUVD-2026-31192

Mantis Bug Tracker MantisBT is an open source issue tracker. Versions 2.28.1 and below contain flawed logic that causes improper escaping of a textarea custom field's contents in the Update Issue page, bugupdatepage.php allowing an attacker to inject HTML and, if CSP settings permit, execute...

5.4CVSS6AI score0.0023EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/20 9:11 p.m.30 views

CVE-2026-39960 MantisBT is Vulnerable to Stored XSS through Custom Field Textarea Values

Mantis Bug Tracker MantisBT is an open source issue tracker. Versions 2.28.1 and below contain flawed logic that causes improper escaping of a textarea custom field's contents in the Update Issue page, bugupdatepage.php allowing an attacker to inject HTML and, if CSP settings permit, execute...

5.4CVSS0.0023EPSS
Exploits0References2
Rows per page
Query Builder