Lucene search
+L

8 matches found

NVD
NVD
added 2026/06/17 1:19 p.m.8 views

CVE-2025-69104

Unauthenticated Cross Site Scripting XSS in Qreatix = 1.9.4 versions...

7.1CVSS0.00237EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/16 8:56 p.m.23 views

CVE-2025-69104 WordPress Qreatix theme <= 1.9.4 - Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting XSS in Qreatix = 1.9.4 versions...

7.1CVSS0.00237EPSS
Exploits0References1
NVD
NVD
added 2026/06/05 7:16 p.m.13 views

CVE-2026-10580

The Hippoo Mobile App for WooCommerce plugin for WordPress is vulnerable to Authentication Bypass leading to Administrator Account Takeover in all versions up to and including 1.9.4. This is due to a logic conflation in HippooPermissions::getuserpermissions, which returns the same null sentinel f...

9.8CVSS0.02841EPSS
Exploits1References9
NVD
NVD
added 2026/04/14 3:16 p.m.4 views

CVE-2025-69993

Leaflet versions up to and including 1.9.4 are vulnerable to Cross-Site Scripting XSS via the bindPopup method. This method renders user-supplied input as raw HTML without sanitization, allowing attackers to inject arbitrary JavaScript code through event handler attributes e.g., . When a victim...

6.1CVSS0.00191EPSS
Exploits2References2
Patchstack
Patchstack
added 2025/08/24 10:24 a.m.8 views

WordPress WP Last Modified Info plugin <= 1.9.4 - Remote Code Execution (RCE) vulnerability

Remote Code Execution RCE vulnerability discovered by zaim in WordPress Plugin WP Last Modified Info versions = 1.9.4...

7.4CVSS7.4AI score0.00254EPSS
Exploits0Affected Software1
Cvelist
Cvelist
added 2025/08/14 10:34 a.m.11 views

CVE-2025-25172 WordPress VidMov <= 1.9.4 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in beeteam368 VidMov vidmov allows PHP Local File Inclusion.This issue affects VidMov: from n/a through = 1.9.4...

8.1CVSS0.00519EPSS
Exploits0References1
CVE
CVE
added 2025/08/14 10:34 a.m.21 views

CVE-2025-25172

CVE-2025-25172 affects VidMov WordPress Theme (

8.1CVSS5.9AI score0.00519EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/03/20 12:0 a.m.9 views

PT-2024-18242 · Mediavine · Create By Mediavine Plugin For Wordpress

Name of the Vulnerable Software and Affected Versions: Create by Mediavine plugin for WordPress versions up to, and including, 1.9.4 Description: The issue allows for SQL Injection via the id parameter due to insufficient escaping on the user-supplied parameter and lack of sufficient preparation ...

9.8CVSS9.9AI score0.0073EPSS
Exploits0References4
Rows per page
Query Builder