Lucene search
+L

23 matches found

nvd
nvd
added 6 days ago7 views

CVE-2026-6801

The Context Blog theme for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.3.5 via the contextblogmodalpopup. This makes it possible for unauthenticated attackers to extract the content of password-protected posts...

5.3CVSS0.00239EPSS
Exploits0References2
attackerkb
attackerkb
added 2026/03/13 11:42 a.m.4 views

CVE-2026-32455

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in RealMag777 MDTF wp-meta-data-filter-and-taxonomy-filter allows DOM-Based XSS.This issue affects MDTF: from n/a through = 1.3.5...

5.8AI score0.00129EPSS
Exploits0References2
cve
cve
added 2026/02/20 3:46 p.m.9 views

CVE-2025-68846

CVE-2025-68846 is a Reflected XSS affecting WordPress plugin Asynchronous Javascript (versions 1.3.5 (or later as released). Technical details are supported by connected Red Hat, NVD, CVE, and PatchStack entries indicating an XSS vulnerability in this plugin and the stated affected range; no exp...

7.1CVSS5.5AI score0.00175EPSS
Exploits0References1
cvelist
cvelist
added 2026/02/20 3:46 p.m.24 views

CVE-2025-68846 WordPress Asynchronous Javascript plugin <= 1.3.5 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Paris Holley Asynchronous Javascript asynchronous-javascript allows Reflected XSS.This issue affects Asynchronous Javascript: from n/a through = 1.3.5...

7.1CVSS0.00175EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/02/04 7:28 p.m.4 views

CVE-2026-25016

Missing Authorization vulnerability in Nelio Software Nelio Popups nelio-popups allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Nelio Popups: from n/a through = 1.3.5...

4.3CVSS5.3AI score0.00152EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/02/03 2:8 p.m.6 views

CVE-2026-25016 WordPress Nelio Popups plugin <= 1.3.5 - Broken Access Control vulnerability

Missing Authorization vulnerability in Nelio Software Nelio Popups nelio-popups allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Nelio Popups: from n/a through = 1.3.5...

4.3CVSS5.3AI score0.00152EPSS
Exploits0References1
cve
cve
added 2026/02/03 2:8 p.m.20 views

CVE-2026-25016

CVE-2026-25016 concerns the Nelio Popups WordPress plugin. The issue is a Missing Authorization vulnerability caused by incorrectly configured access control, affecting Nelio Popups versions up to and including 1.3.5. Wordfence and CVE listings identify the flaw and note that a fix exists in newe...

4.3CVSS5.3AI score0.00152EPSS
Exploits0References1
attackerkb
attackerkb
added 2026/02/03 2:8 p.m.2 views

CVE-2026-25016

Missing Authorization vulnerability in Nelio Software Nelio Popups nelio-popups allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Nelio Popups: from n/a through = 1.3.5...

4.3CVSS5.3AI score0.00152EPSS
Exploits0References2
euvd
euvd
added 2026/02/03 2:8 p.m.10 views

EUVD-2026-5301

Missing Authorization vulnerability in Nelio Software Nelio Popups nelio-popups allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Nelio Popups: from n/a through = 1.3.5...

4.3CVSS5.3AI score0.00152EPSS
Exploits0References1
patchstack
patchstack
added 2026/02/03 9:15 a.m.6 views

WordPress IMS Countdown plugin <= 1.3.5 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by SOPROBRO in WordPress Plugin IMS Countdown versions = 1.3.5...

6.4CVSS5.3AI score0.00358EPSS
Exploits0References1Affected Software1
redhatcve
redhatcve
added 2026/01/01 1:34 p.m.6 views

CVE-2025-62750

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Filipe Seabra WooCommerce Parcelas woocommerce-parcelas allows DOM-Based XSS.This issue affects WooCommerce Parcelas: from n/a through = 1.3.5...

5.9CVSS5.9AI score0.00182EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/12/31 11:5 a.m.4 views

CVE-2025-69010

Missing Authorization vulnerability in themebeez Themebeez Toolkit themebeez-toolkit allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Themebeez Toolkit: from n/a through = 1.3.5...

5.3CVSS7AI score0.00214EPSS
Exploits0References1
euvd
euvd
added 2025/12/30 12:30 p.m.4 views

EUVD-2025-205733

Missing Authorization vulnerability in themebeez Themebeez Toolkit themebeez-toolkit allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Themebeez Toolkit: from n/a through = 1.3.5...

5.3CVSS6.5AI score0.00214EPSS
Exploits0References2
nvd
nvd
added 2025/12/30 11:15 a.m.13 views

CVE-2025-69010

Missing Authorization vulnerability in themebeez Themebeez Toolkit themebeez-toolkit allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Themebeez Toolkit: from n/a through = 1.3.5...

5.3CVSS0.00214EPSS
Exploits0References1
nvd
nvd
added 2025/12/30 11:15 a.m.4 views

CVE-2025-69014

Server-Side Request Forgery SSRF vulnerability in Youzify Youzify youzify allows Server Side Request Forgery.This issue affects Youzify: from n/a through = 1.3.7...

4.9CVSS0.00141EPSS
Exploits0References1
euvd
euvd
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-28202

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00174EPSS
Exploits0References1
patchstack
patchstack
added 2025/08/09 2:52 a.m.9 views

WordPress WP Gravity Forms FreshDesk plugin plugin <= 1.3.5 - Deserialization of untrusted data vulnerability

Deserialization of untrusted data vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin WP Gravity Forms FreshDesk Plugin versions = 1.3.5...

9.8CVSS7AI score0.00386EPSS
Exploits0Affected Software1
patchstack
patchstack
added 2025/03/31 1:57 p.m.3 views

WordPress ACME Divi Modules plugin <= 1.3.5 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin ACME Divi Modules versions = 1.3.5...

4.3CVSS7AI score0.00283EPSS
Exploits0Affected Software1
cnnvd
cnnvd
added 2025/01/11 12:0 a.m.5 views

WordPress plugin Coupon X 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code issue vulnerability...

7.5CVSS8.3AI score0.0054EPSS
Exploits0References2
patchstack
patchstack
added 2024/11/22 9:4 p.m.6 views

WordPress WPDash Notes plugin <= 1.3.5 - Missing Authorization to Authenticated (Subscriber+) Sensitive Information Exposure vulnerability

Missing Authorization to Authenticated Subscriber+ Sensitive Information Exposure vulnerability discovered by Francesco Carlucci in WordPress Plugin WPDash Notes versions = 1.3.5...

4.3CVSS6.9AI score0.00358EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder