Lucene search
K

16 matches found

Cvelist
Cvelist
added 2026/03/25 4:14 p.m.24 views

CVE-2026-25025 WordPress VikRestaurants plugin <= 1.5.2 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in e4jvikwp VikRestaurants vikrestaurants allows Reflected XSS.This issue affects VikRestaurants: from n/a through = 1.5.2...

7.1CVSS0.0023EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/24 3:18 p.m.5 views

CVE-2026-24598

Missing Authorization vulnerability in bestwebsoft Multilanguage by BestWebSoft multilanguage allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Multilanguage by BestWebSoft: from n/a through = 1.5.2...

4.3CVSS5.4AI score0.00255EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/25 1:23 p.m.5 views

CVE-2025-67629

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Basticom Basticom Framework basticom-framework allows Stored XSS.This issue affects Basticom Framework: from n/a through = 1.5.2...

5.9CVSS6AI score0.00172EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/12/21 11:51 a.m.7 views

WordPress Basticom Framework plugin <= 1.5.2 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Muhammad Nur Ibnu Hubab in WordPress Plugin Basticom Framework versions = 1.5.2...

5.4CVSS6.1AI score0.00172EPSS
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2025/12/18 12:0 a.m.4 views

PT-2025-52115

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes OnLeash onleash allows PHP Local File Inclusion.This issue affects OnLeash: from n/a through = 1.5.2...

7.1AI score0.00415EPSS
Exploits0References2
Patchstack
Patchstack
added 2025/11/03 10:23 p.m.7 views

WordPress Community Events plugin <= 1.5.2 - Unauthenticated Stored Cross-Site Scripting vulnerability

Unauthenticated Stored Cross-Site Scripting vulnerability discovered by ifoundbug in WordPress Plugin Community Events versions = 1.5.2...

7.2CVSS5.5AI score0.00265EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-50057

Malicious code in bioql PyPI...

5.9CVSS6.4AI score0.00409EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-24910

Malicious code in bioql PyPI...

5.9CVSS6.5AI score0.0017EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/09/25 11:32 p.m.8 views

WordPress CM Business Directory plugin <= 1.5.2 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by theviper17y in WordPress Plugin CM Business Directory versions = 1.5.2...

6.4CVSS5.4AI score0.00223EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2025/08/14 6:21 p.m.13 views

CVE-2025-54728 WordPress CM On Demand Search And Replace Plugin <= 1.5.2 - Cross Site Request Forgery (CSRF) Vulnerability

Cross-Site Request Forgery CSRF vulnerability in CreativeMindsSolutions CM On Demand Search And Replace cm-on-demand-search-and-replace allows Cross Site Request Forgery.This issue affects CM On Demand Search And Replace: from n/a through = 1.5.2...

4.3CVSS0.00119EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 10:3 a.m.6 views

CVE-2024-29816

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in htdat Woo Viet allows Stored XSS.This issue affects Woo Viet: from n/a through 1.5.2...

5.9CVSS8.6AI score0.00359EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/03/24 1:4 p.m.6 views

WordPress Flipdish Ordering System plugin <= 1.5.2 - Cross Site Request Forgery (CSRF) to Settings Change vulnerability

Cross Site Request Forgery CSRF to Settings Change vulnerability discovered by Nabil Irawan in WordPress Plugin Flipdish Ordering System versions = 1.5.2...

4.3CVSS6.9AI score0.0017EPSS
Exploits0Affected Software1
CNNVD
CNNVD
added 2025/02/14 12:0 a.m.6 views

WordPress plugin Bit Assist SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection...

6.5CVSS8.8AI score0.00548EPSS
Exploits0References5
Patchstack
Patchstack
added 2024/11/11 7:12 a.m.5 views

WordPress Instant Image Generator (One Click Image Uploads from Pixabay, Pexels and OpenAI) plugin <= 1.5.2 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by stealthcopter Patchstack Alliance in WordPress Plugin Instant Image Generator versions = 1.5.2...

10CVSS7AI score0.00496EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/04/08 8:48 a.m.4 views

WordPress Ultimate Store Kit Elementor Addons plugin <= 1.5.2 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Ray Wilson Patchstack Alliance in WordPress Plugin Ultimate Store Kit Elementor Addons versions = 1.5.2...

6.5CVSS6.1AI score0.00357EPSS
Exploits0Affected Software1
OSV
OSV
added 2022/07/11 1:15 p.m.2 views

CVE-2022-1546

The WooCommerce - Product Importer WordPress plugin through 1.5.2 does not sanitise and escape the imported data before outputting it back in the page, leading to a Reflected Cross-Site Scripting...

6.1CVSS5.8AI score0.00739EPSS
Exploits2References1
Rows per page
Query Builder