Lucene search
+L

5 matches found

redhatcve
redhatcve
added 2025/12/25 1:23 p.m.5 views

CVE-2025-68497

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Brainstorm Force Astra Widgets astra-widgets allows Stored XSS.This issue affects Astra Widgets: from n/a through = 1.2.16...

5.9CVSS6AI score0.00298EPSS
Exploits0References1
patchstack
patchstack
added 2025/12/11 5:59 a.m.22 views

WordPress WP CarDealer plugin <= 1.2.16 - Unauthenticated Privilege Escalation vulnerability

Unauthenticated Privilege Escalation vulnerability discovered by Foxyyy in WordPress Plugin WP CarDealer versions = 1.2.16...

9.8CVSS6.7AI score0.00305EPSS
Exploits0References1Affected Software1
cve
cve
added 2025/09/05 1:45 p.m.15 views

CVE-2025-58860

CVE-2025-58860 — WordPress Enable Latex CSRF leading to Stored XSS Affected software: KaizenCoders Enable Latex WordPress plugin (versions up to and including 1.2.16). What is affected and how: A Cross-Site Request Forgery (CSRF) vulnerability exists in Enable Latex that can lead to Stored Cross-...

7.1CVSS5.9AI score0.00108EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/23 3:16 a.m.8 views

CVE-2023-2289

The wordpress vertical image slider plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘searchterm’ parameter in versions up to, and including, 1.2.16 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inje...

6.1CVSS5.6AI score0.00433EPSS
Exploits0References1
osv
osv
added 2023/06/09 6:16 a.m.5 views

CVE-2023-2289

The wordpress vertical image slider plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘searchterm’ parameter in versions up to, and including, 1.2.16 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inje...

6.1CVSS7.4AI score0.00433EPSS
Exploits0References2
Rows per page
Query Builder