107421 matches found
CVE-2026-7796
The EmbedPress – PDF Embedder, Embed PDF viewer, YouTube Videos, 3D FlipBook, Social feeds & more plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the block 'url' attribute in all versions up to, and including, 4.5.3 due to insufficient input sanitization and output escaping...
CVE-2026-7796 EmbedPress <= 4.5.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Block 'url' Attribute
The EmbedPress – PDF Embedder, Embed PDF viewer, YouTube Videos, 3D FlipBook, Social feeds & more plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the block 'url' attribute in all versions up to, and including, 4.5.3 due to insufficient input sanitization and output escaping...
EUVD-2026-34951
The EmbedPress – PDF Embedder, Embed PDF viewer, YouTube Videos, 3D FlipBook, Social feeds & more plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the block 'url' attribute in all versions up to, and including, 4.5.3 due to insufficient input sanitization and output escaping...
CVE-2026-7796 EmbedPress <= 4.5.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Block 'url' Attribute
The EmbedPress – PDF Embedder, Embed PDF viewer, YouTube Videos, 3D FlipBook, Social feeds & more plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the block 'url' attribute in all versions up to, and including, 4.5.3 due to insufficient input sanitization and output escaping...
CVE-2026-9280 Ad Inserter <= 2.8.15 - Reflected Cross-Site Scripting via URL Parameters in iframe Mode
The Ad Inserter – Ad Manager & AdSense Ads plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via URL Parameters in iframe Mode in all versions up to, and including, 2.8.15 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated...
EUVD-2026-34945
The Ad Inserter – Ad Manager & AdSense Ads plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via URL Parameters in iframe Mode in all versions up to, and including, 2.8.15 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated...
CVE-2026-9280
The Ad Inserter – Ad Manager & AdSense Ads plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via URL Parameters in iframe Mode in all versions up to, and including, 2.8.15 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated...
CVE-2026-50234
creationtimestamp| type| source ---|---|--- 2026-06-06 02:00:30+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mnlkm5gd2r2q...
CVE-2026-9719
creationtimestamp| type| source ---|---|--- 2026-06-06 01:44:56+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mnljqeibuv2e 2026-06-13 12:16:07+00:00| seen| https://bsky.app/profile/atomicedge.bsky.social/post/3mo6abgshyp2i...
CVE-2026-8976
creationtimestamp| type| source ---|---|--- 2026-06-06 01:34:55+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mnlj6h4kwh2t 2026-06-13 11:16:06+00:00| seen| https://bsky.app/profile/atomicedge.bsky.social/post/3mo64w4ziiw2x...
CVE-2026-10038
creationtimestamp| type| source ---|---|--- 2026-06-06 00:39:46+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mnlg3tfxl72o...
Mage AI 代码注入漏洞
Mage AI is an intelligent program developed by Mage OpenSource, used for building, running, and managing data pipelines. Versions of Mage AI 0.9.79 and earlier contained a code injection vulnerability. This vulnerability stemmed from the use of the query.redirecturl parameter in the useMutation...
PT-2026-47158
Name of the Vulnerable Software and Affected Versions Mage AI versions prior to 0.9.80 Description A cross-site scripting issue exists in the Sign-in Flow component within the useMutation function of the file mage ai/frontend/components/Sessions/SignForm/index.tsx. Manipulation of the...
WordPress plugin Ad Inserter – Ad Manager & AdSense Ads 跨站脚本漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...
PT-2026-47138
Name of the Vulnerable Software and Affected Versions Ad Inserter – Ad Manager & AdSense Ads versions prior to 2.8.16 Description The plugin is subject to Reflected Cross-Site Scripting XSS, a flaw where an application includes untrusted data in a web page without proper validation, allowing...
RHEL 10 : osbuild-composer (RHSA-2026:22450)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:22450 advisory. A service for building customized OS artifacts, such as VM images and OSTree commits, that uses osbuild under the hood. Besides building...
CVE-2026-11431
creationtimestamp| type| source ---|---|--- 2026-06-05 23:40:47+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mnlcsdqg4p2s...
CVE-2026-11424
creationtimestamp| type| source ---|---|--- 2026-06-05 23:35:46+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mnlcjfbp5z27...
CVE-2026-11422
creationtimestamp| type| source ---|---|--- 2026-06-05 23:20:45+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mnlbojk7yw22...
CVE-2023-39312
creationtimestamp| type| source ---|---|--- 2026-06-05 23:00:34+00:00| seen| https://bsky.app/profile/hugovalters.bsky.social/post/3mnlakgrfx522...