Lucene search
K

20 matches found

NVD
NVD
added 2 days ago6 views

CVE-2026-57763

Contributor Cross Site Scripting XSS in Structured Content = 1.7.0 versions...

6.5CVSS0.00139EPSS
Exploits0References1
Patchstack
Patchstack
added 2 days ago6 views

WordPress Structured Content plugin <= 1.7.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by zaim in WordPress Plugin Structured Content versions = 1.7.0...

6.5CVSS5.8AI score0.00139EPSS
Exploits0Affected Software1
NVD
NVD
added 2026/03/25 5:16 p.m.4 views

CVE-2026-27051

Incorrect Privilege Assignment vulnerability in uxper Golo golo allows Privilege Escalation.This issue affects Golo: from n/a through = 1.7.0...

9.8CVSS0.00321EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/02/04 7:28 p.m.7 views

CVE-2026-25020

Missing Authorization vulnerability in WP connect WP Sync for Notion wp-sync-for-notion allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Sync for Notion: from n/a through = 1.7.0...

4.3CVSS5.3AI score0.00152EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/12/30 12:0 a.m.4 views

PT-2025-53923

Name of the Vulnerable Software and Affected Versions aizuda snail-job versions up to 1.7.0 Description A flaw exists in the FurySerializer.deserialize function within the API component of aizuda snail-job. This issue involves the deserialization of the argsStr argument, potentially allowing for...

6.5CVSS6.5AI score0.00237EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/10/23 3:14 p.m.4 views

CVE-2025-52758

Unrestricted Upload of File with Dangerous Type vulnerability in Gesundheit Bewegt GmbH Zippy zippy allows Using Malicious Files.This issue affects Zippy: from n/a through = 1.7.0...

9.1CVSS7AI score0.0043EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/10/22 2:32 p.m.10 views

CVE-2025-62062 WordPress Easy Post Submission plugin <= 1.7.0 - Sensitive Data Exposure vulnerability

Insertion of Sensitive Information Into Sent Data vulnerability in ThemeRuby Easy Post Submission easy-post-submission allows Retrieve Embedded Sensitive Data.This issue affects Easy Post Submission: from n/a through = 1.7.0...

5.5CVSS0.00177EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-25974

Malicious code in bioql PyPI...

9.8CVSS6.6AI score0.00397EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/09/22 12:0 a.m.5 views

PT-2025-38805

Name of the Vulnerable Software and Affected Versions Post Carousel Slider for Elementor versions through 1.7.0 Description An authorization issue exists in Post Carousel Slider for Elementor, allowing exploitation due to incorrectly configured access control security levels. Recommendations Upda...

6.5CVSS6.6AI score0.00421EPSS
Exploits0References3
Patchstack
Patchstack
added 2025/08/21 11:27 a.m.5 views

WordPress Golo Theme <= 1.7.0 - Broken Authentication Vulnerability

Broken Authentication Vulnerability discovered by Rau má đậu xanh in WordPress Theme Golo versions = 1.7.0...

9.8CVSS6.9AI score0.00397EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/08/21 12:0 a.m.8 views

WordPress Golo Theme <= 1.7.0 is vulnerable to Broken Authentication

Software Golo Type Theme Vulnerable versions = 1.7.0 Fixed in 1.7.1 OWASP Top 10 A7: Identification and Authentication Failures Classification Broken Authentication CVE CVE-2025-54725 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID a2ab39e8e113 Credits Aiden Required...

9.8CVSS6.5AI score0.00397EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/03/18 9:44 p.m.8 views

WordPress CozyStay theme <= 1.7.0 - Missing Authorization to Arbitrary Action Execution in ajax_handler vulnerability

Missing Authorization to Arbitrary Action Execution in ajaxhandler vulnerability discovered by Lucio Sá in WordPress Theme CozyStay versions = 1.7.0...

7.5CVSS8.9AI score0.00296EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/03/18 9:39 p.m.4 views

WordPress CozyStay theme <= 1.7.0 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Lucio Sá in WordPress Theme CozyStay versions = 1.7.0...

9.8CVSS9AI score0.00703EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/01/23 10:56 p.m.5 views

WordPress Automate Hub Free by Sperse.IO plugin <= 1.7.0 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by vgo0 in WordPress Plugin Automate Hub versions = 1.7.0...

6.1CVSS6.3AI score0.0046EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/12/11 11:8 p.m.2 views

WordPress Woolook plugin <= 1.7.0 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by tahu.datar Patchstack Alliance in WordPress Plugin Woolook versions = 1.7.0...

7.5CVSS7AI score0.00675EPSS
Exploits0Affected Software1
OSV
OSV
added 2024/06/08 1:15 p.m.2 views

CVE-2024-35732

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in YITH YITH Custom Login allows Stored XSS.This issue affects YITH Custom Login: from n/a through 1.7.0...

4.8CVSS5.8AI score0.00281EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/04/30 9:1 a.m.3 views

WordPress Breakdance plugin <= 1.7.0 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Francesco Carlucci in WordPress Plugin Breakdance versions = 1.7.0...

6.4CVSS5.7AI score0.00324EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2024/04/18 12:0 a.m.4 views

WordPress Plugin CataBlog 路径遍历漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A path traversal...

7.6CVSS8.7AI score0.00519EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2023/09/04 12:24 p.m.9 views

apr: Windows out-of-bounds write in apr_socket_sendv function

A flaw was found in Apache Portable Runtime, affecting versions = 1.7.0. This issue may allow a malicious user to write beyond the end of a stack buffer and cause an integer overflow. This affects Windows environments...

9.8CVSS6AI score0.01575EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2022/11/01 12:0 a.m.5 views

PT-2022-18506 · Sick · Sick Sim2000St

Name of the Vulnerable Software and Affected Versions: SICK SIM2000ST versions =1.7.0 Description: A password recovery issue allows an unprivileged remote attacker to invoke the password recovery mechanism method, gaining access to the user level defined as RecoverableUserLevel. This results in...

9.8CVSS9.3AI score0.01235EPSS
Exploits0References2
Rows per page
Query Builder