Lucene search
K

4 matches found

OSV
OSV
added 2026/03/24 3:30 p.m.5 views

CVE-2026-33668 Vikunja Allows Disabled/Locked User Accounts to Authenticate via API Tokens, CalDAV, and OpenID Connect

Vikunja is an open-source self-hosted task management platform. Starting in version 0.18.0 and prior to version 2.2.1, when a user account is disabled or locked, the status check is only enforced on the local login and JWT token refresh paths. Three other authentication paths — API tokens, CalDAV...

7.1CVSS6.3AI score0.00453EPSS
Exploits1References8
CNNVD
CNNVD
added 2025/01/15 12:0 a.m.5 views

WordPress plugin Elementor AI Addons 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin.... A cross-site scripting...

6.5CVSS7.8AI score0.00269EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/05/17 12:0 a.m.4 views

WordPress plugin Clearfy Cache 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

4.3CVSS6.7AI score0.00188EPSS
Exploits0References2
OSV
OSV
added 2023/11/14 10:15 p.m.1 views

CVE-2023-47522

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Photo Feed plugin = 2.2.1 versions...

6.1CVSS7.3AI score0.00412EPSS
Exploits0References1
Rows per page
Query Builder