Lucene search
+L

9 matches found

EUVD
EUVD
added 2026/04/02 6:31 a.m.6 views

EUVD-2026-18120

A vulnerability was detected in vanna-ai vanna up to 2.0.2. Affected by this vulnerability is an unknown functionality of the file /api/vanna/v2/ of the component Chat API Endpoint. Performing a manipulation results in missing authentication. The attack can be initiated remotely. The exploit is n...

7.5CVSS5.6AI score0.00414EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/01/22 4:51 p.m.24 views

CVE-2025-66141 WordPress Scroller plugin <= 2.0.2 - Broken Access Control vulnerability

Missing Authorization vulnerability in merkulove Scroller scroller allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Scroller: from n/a through = 2.0.2...

5.4CVSS0.00245EPSS
Exploits0References1
NVD
NVD
added 2025/09/22 7:16 p.m.6 views

CVE-2025-58234

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in JoomSky JS Job Manager js-jobs allows Stored XSS.This issue affects JS Job Manager: from n/a through = 2.0.2...

6.5CVSS0.00197EPSS
Exploits0References1
CVE
CVE
added 2025/06/06 12:54 p.m.44 views

CVE-2025-30630

CVE-2025-30630 : The Red Hat advisory confirms an Improper Neutralization of Input During Web Page Generation (Stored XSS) in the pozzad Global Translator WordPress plugin, affecting versions up to 2.0.2. The Wordfence page also notes this CVE, describing a Stored XSS in Global Translator, with n...

5.9CVSS5.9AI score0.00225EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/25 1:19 p.m.11 views

CVE-2025-46515

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in M A Vinoth Kumar Category Widget category-widget allows Reflected XSS.This issue affects Category Widget: from n/a through = 2.0.2...

7.1CVSS7.2AI score0.00228EPSS
Exploits0References1
CVE
CVE
added 2025/03/03 1:30 p.m.56 views

CVE-2025-23564

CVE-2025-23564 covers a Reflected XSS in the WordPress WP FixTag plugin (versions up to and including v2.0.2). The issue is described as improper neutralization of input during web page generation, enabling reflected XSS. Affected product: WP FixTag (WordPress plugin). Impact per the CVE metadata...

7.1CVSS5.9AI score0.00342EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/01/06 5:33 p.m.4 views

WordPress ARS Affiliate Page Plugin plugin <= 2.0.2 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by Le Ngoc Anh in WordPress Plugin ARS Affiliate Page Plugin versions = 2.0.2...

6.1CVSS6.1AI score0.00345EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2024/06/09 7:15 p.m.6 views

CVE-2024-35662

Missing Authorization vulnerability in Andreas Sofantzis Simple COD Fees for WooCommerce.This issue affects Simple COD Fees for WooCommerce: from n/a through 2.0.2...

8.8CVSS5.8AI score0.00351EPSS
Exploits0References1
OSV
OSV
added 2023/11/30 5:15 p.m.5 views

CVE-2023-48749

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Theme nectar Salient Core allows Stored XSS.This issue affects Salient Core: from n/a through 2.0.2...

5.4CVSS7.3AI score0.00385EPSS
Exploits0References1
Rows per page
Query Builder