Lucene search
+L

22 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:16 p.m.9 views

CVE-2026-42738

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ZAYTECH Smart Online Order for Clover clover-online-orders allows Stored XSS.This issue affects Smart Online Order for Clover: from n/a through = 1.6.0...

7.1CVSS5.4AI score0.00146EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/05/27 5:0 p.m.12 views

WordPress Smart Online Order for Clover plugin <= 1.6.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by she11f in WordPress Plugin Smart Online Order for Clover versions = 1.6.0...

7.1CVSS5.8AI score0.00146EPSS
Exploits0Affected Software1
NVD
NVD
added 2026/05/27 11:16 a.m.19 views

CVE-2026-42746

Insertion of Sensitive Information Into Sent Data vulnerability in ZAYTECH Smart Online Order for Clover clover-online-orders allows Retrieve Embedded Sensitive Data.This issue affects Smart Online Order for Clover: from n/a through = 1.6.0...

7.3CVSS0.00188EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/27 9:49 a.m.10 views

CVE-2026-42746 WordPress Smart Online Order for Clover plugin <= 1.6.0 - Sensitive Data Exposure vulnerability

Insertion of Sensitive Information Into Sent Data vulnerability in ZAYTECH Smart Online Order for Clover clover-online-orders allows Retrieve Embedded Sensitive Data.This issue affects Smart Online Order for Clover: from n/a through = 1.6.0...

7.3CVSS5.8AI score0.00188EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/04/16 7:22 p.m.7 views

CVE-2025-15635

Cross-Site Request Forgery CSRF vulnerability in ZAYTECH Smart Online Order for Clover clover-online-orders allows Cross Site Request Forgery.This issue affects Smart Online Order for Clover: from n/a through = 1.6.0...

4.3CVSS5.8AI score0.00107EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/05 1:40 p.m.6 views

CVE-2026-1674

The Gutena Forms – Contact Form, Survey Form, Feedback Form, Booking Form, and Custom Form Builder plugin for WordPress is vulnerable to unauthorized modification of data due to missing authorization within the savegutenaformsschema function in all versions up to, and including, 1.6.0. This makes...

6.5CVSS5.8AI score0.00232EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/03/04 11:22 a.m.4 views

CVE-2026-1674 Gutena Forms – Contact Form, Survey Form, Feedback Form, Booking Form, and Custom Form Builder <= 1.6.0 - Authenticated (Contributor+) Limited Options Update in save_gutena_forms_schema()

The Gutena Forms – Contact Form, Survey Form, Feedback Form, Booking Form, and Custom Form Builder plugin for WordPress is vulnerable to unauthorized modification of data due to missing authorization within the savegutenaformsschema function in all versions up to, and including, 1.6.0. This makes...

6.5CVSS5.8AI score0.00232EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/01/28 9:17 a.m.9 views

CVE-2026-24802

Loop with Unreachable Exit Condition 'Infinite Loop' vulnerability in briandilley jsonrpc4j src/main/java/com/googlecode/jsonrpc4j modules. This vulnerability is associated with program files NoCloseOutputStream.Java. This issue affects jsonrpc4j: through 1.6.0...

5.3CVSS5.9AI score0.00419EPSS
Exploits0References1
OSV
OSV
added 2026/01/27 8:38 a.m.7 views

CVE-2026-24802 Buffer Overflow Vulnerability in briandilley/jsonrpc4j

Loop with Unreachable Exit Condition 'Infinite Loop' vulnerability in briandilley jsonrpc4j src/main/java/com/googlecode/jsonrpc4j modules. This vulnerability is associated with program files NoCloseOutputStream.Java. This issue affects jsonrpc4j: through 1.6.0...

5.3CVSS5.9AI score0.00419EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/09/22 6:25 p.m.1 views

CVE-2025-53456 WordPress SEO Backlink Monitor Plugin <= 1.6.0 - Cross Site Request Forgery (CSRF) Vulnerability

Cross-Site Request Forgery CSRF vulnerability in activewebsight SEO Backlink Monitor allows Cross Site Request Forgery. This issue affects SEO Backlink Monitor: from n/a through 1.6.0...

4.3CVSS6.5AI score0.00163EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/09/22 6:25 p.m.28 views

CVE-2025-53456 WordPress SEO Backlink Monitor plugin <= 1.8.0 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in activewebsight SEO Backlink Monitor seo-backlink-monitor allows Cross Site Request Forgery.This issue affects SEO Backlink Monitor: from n/a through = 1.8.0...

4.3CVSS0.00163EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/08/28 12:0 a.m.8 views

PT-2025-35023

Name of the Vulnerable Software and Affected Versions: WP Smart Widgets Better Post & Filter Widgets for Elementor versions through 1.6.0 Description: The software contains an Improper Neutralization of Input During Web Page Generation issue, which allows for Stored Cross-site Scripting XSS...

6.5CVSS5.5AI score0.00196EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2025/07/04 9:15 a.m.3 views

CVE-2025-30929

Missing Authorization vulnerability in amazewp fluXtore fluxtore allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects fluXtore: from n/a through = 1.6.0...

5.3CVSS5.9AI score0.00211EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/07/04 12:0 a.m.2 views

WordPress plugin fluXtore 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

5.3CVSS6.5AI score0.00211EPSS
Exploits0References1
OSV
OSV
added 2024/12/16 4:15 p.m.3 views

CVE-2024-54280

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Iqonic Design WPBookit allows SQL Injection.This issue affects WPBookit: from n/a through 1.6.0...

9.8CVSS7.3AI score0.00609EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/10/02 12:43 a.m.6 views

WordPress MC4WP: Mailchimp Top Bar plugin <= 1.6.0 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by vgo0 in WordPress Plugin MC4WP: Mailchimp Top Bar versions = 1.6.0...

6.1CVSS6.4AI score0.00364EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2024/09/28 12:0 a.m.13 views

PT-2024-39195 · WordPress · Simple Ldap Login

Name of the Vulnerable Software and Affected Versions: Simple LDAP Login plugin for WordPress versions up to, and including, 1.6.0 Description: The issue is related to Reflected Cross-Site Scripting due to the use of add query arg without proper escaping on the URL. This allows unauthenticated...

6.1CVSS6.8AI score0.00409EPSS
Exploits0References7
OSV
OSV
added 2024/04/29 11:15 a.m.5 views

CVE-2024-33589

Missing Authorization vulnerability in WPOmnia KB Support.This issue affects KB Support: from n/a through 1.6.0...

6.5CVSS5.8AI score0.00466EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/12/14 12:0 a.m.3 views

PT-2023-31394 · Unknown · Twinpictures Annual Archive

Name of the Vulnerable Software and Affected Versions: Twinpictures Annual Archive versions n/a through 1.6.0 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means that an attacker...

6.5CVSS6.1AI score0.00385EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2023/08/21 12:0 a.m.8 views

PT-2023-29265 · Unknown · Jeecgboot Jimureport

Name of the Vulnerable Software and Affected Versions: jeecgboot JimuReport versions up to 1.6.0 Description: A critical issue was found in the Template Handler component, allowing for remote injection attacks. The exploit has been disclosed publicly. Recommendations: For jeecgboot JimuReport...

9.8CVSS7.6AI score0.11407EPSS
Exploits0References8
Rows per page
Query Builder