Lucene search
K

5 matches found

CVE
CVE
added 2026/06/16 8:57 p.m.21 views

CVE-2026-49057

The CVE-2026-49057 entry concerns the WordPress JobSearch plugin (≤ 3.2.7) with Unauthenticated Broken Access Control. Concrete details found: affected software/product is WordPress JobSearch plugin; vulnerable component/condition is broken access control without authentication; impact is describ...

7.5CVSS5.1AI score0.00296EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/06 3:31 p.m.34 views

CVE-2026-34588 OpenEXR has a signed 32-bit Overflow in PIZ Decoder Leads to OOB Read/Write

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From 3.1.0 to before 3.2.7, 3.3.9, and 3.4.9, internalexrundopiz advances the working wavelet pointer with signed 32-bit arithmetic. Because nx, ny, and...

8.6CVSS0.00482EPSS
Exploits1References4
OSV
OSV
added 2026/03/03 6:31 p.m.2 views

GHSA-V8JM-5VWX-CFXM DOMPurify contains a Cross-site Scripting vulnerability

DOMPurify 3.1.3 through 3.2.6 and 2.5.3 through 2.5.8 contain a cross-site scripting vulnerability that allows attackers to bypass attribute sanitization by exploiting missing textarea rawtext element validation in the SAFEFORXML regex. Attackers can include closing rawtext tags like in attribute...

6.1CVSS5.9AI score0.00245EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2024-58249

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In wxWidgets before 3.2.7, a crash can be triggered in wxWidgets apps when connections are refused in wxWebRequestCURL. CVE-2024-58249 Note that Nessus relies o...

3.7CVSS5AI score0.00464EPSS
Exploits0References3
NVD
NVD
added 2025/03/05 10:15 a.m.6 views

CVE-2024-13815

The The Listingo theme for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 3.2.7. This is due to the software allowing users to execute an action that does not properly validate a value before running doshortcode. This makes it possible for...

6.5CVSS0.00344EPSS
Exploits0References2
Rows per page
Query Builder