Lucene search
K

29 matches found

Vulnrichment
Vulnrichment
added 2026/04/15 4:2 p.m.4 views

CVE-2026-6370 WordPress Mini Ajax Cart for WooCommerce plugin <= 1.3.4 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in HashThemes Mini Ajax Cart for WooCommerce allows Stored XSS.This issue affects Mini Ajax Cart for WooCommerce: from n/a through 1.3.4...

5.9CVSS5.8AI score0.00138EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/04/15 3:59 p.m.6 views

WordPress Mini Ajax Cart for WooCommerce plugin <= 1.3.4 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Ali Osman ERBAS 0110m4n in WordPress Plugin Mini Ajax Cart for WooCommerce versions = 1.3.4...

5.9CVSS5.8AI score0.00138EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2026/04/13 7:25 p.m.4 views

CVE-2026-39709

Insertion of Sensitive Information Into Sent Data vulnerability in thetechtribe The Tribal the-tech-tribe allows Retrieve Embedded Sensitive Data.This issue affects The Tribal: from n/a through = 1.3.4...

5.3CVSS5.8AI score0.00201EPSS
Exploits0References1
NVD
NVD
added 2026/04/08 9:16 a.m.3 views

CVE-2026-39709

Insertion of Sensitive Information Into Sent Data vulnerability in thetechtribe The Tribal the-tech-tribe allows Retrieve Embedded Sensitive Data.This issue affects The Tribal: from n/a through = 1.3.4...

5.3CVSS0.00201EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/13 11:42 a.m.2 views

CVE-2026-32449

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in themifyme Themify Event Post themify-event-post allows Stored XSS.This issue affects Themify Event Post: from n/a through = 1.3.4...

5.8AI score0.00133EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/03/06 7:52 a.m.4 views

CVE-2026-22477

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Felizia felizia allows PHP Local File Inclusion.This issue affects Felizia: from n/a through = 1.3.4...

8.1CVSS5.8AI score0.00403EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/05 6:30 a.m.4 views

EUVD-2026-9728

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Rhythmo rhythmo allows PHP Local File Inclusion.This issue affects Rhythmo: from n/a through = 1.3.4...

8.1CVSS5.9AI score0.00403EPSS
Exploits0References2
NVD
NVD
added 2026/02/06 9:15 a.m.9 views

CVE-2026-1252

The Events Listing Widget plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Event URL' parameter in all versions up to, and including, 1.3.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level...

6.4CVSS0.00248EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/01/23 9:17 p.m.6 views

CVE-2025-69039

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in goalthemes Bailly bailly allows PHP Local File Inclusion.This issue affects Bailly: from n/a through = 1.3.4...

8.1CVSS5.5AI score0.00512EPSS
Exploits0References1
NVD
NVD
added 2026/01/22 5:16 p.m.3 views

CVE-2025-69184

Missing Authorization vulnerability in e-plugins Institutions Directory institutions-directory allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Institutions Directory: from n/a through = 1.3.4...

7.3CVSS0.00219EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/01/22 4:52 p.m.2 views

CVE-2025-69184

Missing Authorization vulnerability in e-plugins Institutions Directory institutions-directory allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Institutions Directory: from n/a through = 1.3.4...

7.3CVSS5.2AI score0.00219EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/01/22 4:52 p.m.2 views

CVE-2025-69184 WordPress Institutions Directory plugin <= 1.3.4 - Broken Access Control vulnerability

Missing Authorization vulnerability in e-plugins Institutions Directory institutions-directory allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Institutions Directory: from n/a through = 1.3.4...

7.3CVSS5.9AI score0.00219EPSS
Exploits0References1
CVE
CVE
added 2026/01/22 4:52 p.m.9 views

CVE-2025-69039

CVE-2025-69039 is an unauthenticated Local File Inclusion vulnerability in the WordPress theme Bailly (DesignThemes Bailly/Bailly) affecting versions up to and including 1.3.4. The issue arises from improper control of the filename used in PHP include/require statements, enabling an attacker to p...

8.1CVSS5.5AI score0.00512EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/01/22 5:57 a.m.6 views

WordPress Lawyer Directory plugin <= 1.3.4 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin Lawyer Directory versions = 1.3.4...

7.3CVSS5.4AI score0.00288EPSS
Exploits0Affected Software1
EUVD
EUVD
added 2025/12/16 9:31 a.m.4 views

EUVD-2025-203554

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in LambertGroup xPromoter topbarpromoter allows Blind SQL Injection.This issue affects xPromoter: from n/a through = 1.3.4...

8.5CVSS7.1AI score0.00205EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.9 views

EUVD-2023-40478

Malicious code in bioql PyPI...

9.8CVSS9.3AI score0.00679EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/08/23 1:4 p.m.5 views

WordPress Kipso Theme <= 1.3.4 - Local File Inclusion Vulnerability

Local File Inclusion Vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Kipso versions = 1.3.4...

8.1CVSS7AI score0.00404EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/06/23 11:55 a.m.4 views

WordPress Sofass theme <= 1.3.4 - Local File Inclusion Vulnerability

Local File Inclusion Vulnerability discovered by Phat RiO - BlueRock in WordPress Theme Sofass versions = 1.3.4...

8.1CVSS7AI score0.00489EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/02/23 2:36 p.m.4 views

WordPress Services Section block plugin <= 1.3.4 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Logan Cote Patchstack Alliance in WordPress Plugin Services Section block versions = 1.3.4...

6.5CVSS6.1AI score0.00243EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/02/03 8:24 p.m.5 views

WordPress Distance Rate Shipping for WooCommerce plugin <= 1.3.4 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Jingle Bells in WordPress Plugin Distance Rate Shipping for WooCommerce versions = 1.3.4...

8.5CVSS8.1AI score0.00338EPSS
Exploits0Affected Software1
Rows per page
Query Builder