Lucene search
K

21 matches found

NVD
NVD
added 2026/06/26 3:16 p.m.6 views

CVE-2026-56038

Contributor Privilege Escalation in Frisbii Pay = 1.8.2 versions...

8.8CVSS0.00232EPSS
Exploits0References1
NVD
NVD
added 2026/06/15 9:17 p.m.14 views

CVE-2026-52695

Unauthenticated Sensitive Data Exposure in ABC Crypto Checkout = 1.8.2 versions...

7.5CVSS0.00243EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.14 views

PT-2026-49520

Unauthenticated Sensitive Data Exposure in ABC Crypto Checkout = 1.8.2 versions...

7.5CVSS5.2AI score0.00243EPSS
Exploits0References2
Patchstack
Patchstack
added 2026/06/10 9:1 a.m.7 views

WordPress ABC Crypto Checkout plugin <= 1.8.2 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by xwii in WordPress Plugin ABC Crypto Checkout versions = 1.8.2...

7.5CVSS5.3AI score0.00243EPSS
Exploits0Affected Software1
NVD
NVD
added 2026/03/25 5:16 p.m.3 views

CVE-2026-25346

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ays Pro FAQ Builder AYS faq-builder-ays allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects FAQ Builder AYS: from n/a through = 1.8.2...

7.1CVSS0.00175EPSS
Exploits0References1
CVE
CVE
added 2026/03/25 4:14 p.m.11 views

CVE-2026-25346

CVE-2026-25346 is an unauthenticated stored XSS vulnerability in the WordPress plugin FAQ Builder AYS (AYS faq-builder-ays), affecting versions from n/a up to and including 1.8.2. The CVE entry uses CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L with a base score of 7.1 (HIGH). Connected sources co...

7.1CVSS5.8AI score0.00175EPSS
Exploits0References1
NVD
NVD
added 2026/02/03 3:16 p.m.30 views

CVE-2026-24985

Missing Authorization vulnerability in approveme WP Forms Signature Contract Add-On wp-forms-signature-contract-add-on allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Forms Signature Contract Add-On: from n/a through = 1.8.2...

4.3CVSS0.00185EPSS
Exploits0References1
EUVD
EUVD
added 2026/02/03 2:8 p.m.5 views

EUVD-2026-5243

Missing Authorization vulnerability in approveme WP Forms Signature Contract Add-On wp-forms-signature-contract-add-on allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Forms Signature Contract Add-On: from n/a through = 1.8.2...

4.3CVSS5.3AI score0.00185EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/23 9:15 p.m.4 views

CVE-2025-64252

Server-Side Request Forgery SSRF vulnerability in Marco Milesi ANAC XML Viewer anac-xml-viewer allows Server Side Request Forgery.This issue affects ANAC XML Viewer: from n/a through = 1.8.2...

4.9CVSS5.4AI score0.00194EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/01/22 4:51 p.m.1 views

CVE-2025-64252

Server-Side Request Forgery SSRF vulnerability in Marco Milesi ANAC XML Viewer anac-xml-viewer allows Server Side Request Forgery.This issue affects ANAC XML Viewer: from n/a through = 1.8.2...

4.9CVSS5.3AI score0.00194EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/01/22 4:51 p.m.5 views

CVE-2025-5805 WordPress Electron theme <= 1.8.2 - Broken Access Control vulnerability

Missing Authorization vulnerability in Ninetheme Electron electron allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Electron: from n/a through = 1.8.2...

6.5CVSS5.9AI score0.00311EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/01/22 12:0 a.m.10 views

PT-2026-3991

Name of the Vulnerable Software and Affected Versions Electron versions through 1.8.2 Description An authorization issue exists in Ninetheme Electron, allowing exploitation of incorrectly configured access control security levels. Recommendations Update to a version of Electron newer than 1.8.2...

6.4AI score0.00311EPSS
Exploits0References3
Patchstack
Patchstack
added 2026/01/19 4:34 a.m.7 views

WordPress WP Forms Signature Contract Add-On plugin <= 1.8.2 - Broken Access Control to Notice Dismissal vulnerability

Broken Access Control to Notice Dismissal vulnerability discovered by Nabil Irawan in WordPress Plugin WP Forms Signature Contract Add-On versions = 1.8.2...

4.3CVSS5.3AI score0.00185EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2025/12/17 10:3 a.m.4 views

CVE-2025-68078

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThemeNectar Salient Portfolio salient-portfolio allows Stored XSS.This issue affects Salient Portfolio: from n/a through = 1.8.2...

6.5CVSS6AI score0.00133EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/16 9:31 a.m.4 views

EUVD-2025-203540

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThemeNectar Salient Portfolio salient-portfolio allows Stored XSS.This issue affects Salient Portfolio: from n/a through = 1.8.2...

5.5AI score0.00133EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/23 10:3 a.m.6 views

CVE-2024-30192

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in GS Plugins GS Pins for Pinterest allows Stored XSS.This issue affects GS Pins for Pinterest: from n/a through 1.8.2...

6.5CVSS8.6AI score0.00271EPSS
Exploits0References1
OSV
OSV
added 2025/02/20 1:15 p.m.4 views

CVE-2025-1039

The Lenix Elementor Leads addon plugin for WordPress is vulnerable to Stored Cross-Site Scripting via a URL form field in all versions up to, and including, 1.8.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary w...

6.1CVSS7.4AI score0.00408EPSS
Exploits1References3
Patchstack
Patchstack
added 2025/02/01 10:2 p.m.4 views

WordPress WP Event Aggregator Plugin <= 1.8.2 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by 0xd4rk5id3 in WordPress Plugin WP Event Aggregator versions = 1.8.2...

7.1CVSS6.1AI score0.00245EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/10/15 1:19 p.m.4 views

WordPress Kama SpamBlock plugin <= 1.8.2 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by vgo0 in WordPress Plugin Kama SpamBlock versions = 1.8.2...

6.1CVSS6.3AI score0.00355EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2024/03/27 7:15 a.m.2 views

CVE-2024-30192

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in GS Plugins GS Pins for Pinterest allows Stored XSS.This issue affects GS Pins for Pinterest: from n/a through 1.8.2...

5.9CVSS5.8AI score0.00271EPSS
Exploits0References1
Rows per page
Query Builder