Lucene search
K

450 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2006-3943

Malware in sbrugna...

7.5CVSS6.4AI score0.01404EPSS
Exploits1References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2008-7207

Malware in sbrugna...

4.3CVSS6.2AI score0.01056EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2007-3481

Malware in sbrugna...

4.3CVSS6.4AI score0.01867EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2021-0561

Malware in sbrugna...

5.3CVSS5.3AI score0.02517EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.24 views

EUVD-2024-44259

Malicious code in bioql PyPI...

4.4CVSS6.5AI score0.00255EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-33571

Malicious code in bioql PyPI...

7.5CVSS7.5AI score0.01449EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.22 views

EUVD-2025-30918

Malicious code in bioql PyPI...

5.4CVSS6.3AI score0.00201EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2023-42139

Malicious code in bioql PyPI...

7.5CVSS7.5AI score0.00956EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-31405

Malicious code in bioql PyPI...

7.2CVSS6.5AI score0.09051EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/09/28 4:54 a.m.11 views

CVE-2025-9816

The WP Statistics – The Most Popular Privacy-Friendly Analytics Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the User-Agent Header in all versions up to, and including, 14.5.4 due to insufficient input sanitization and output escaping. This makes it possible for...

7.2CVSS5.2AI score0.09051EPSS
Exploits0References1
NVD
NVD
added 2025/09/27 5:15 a.m.4 views

CVE-2025-9816

The WP Statistics – The Most Popular Privacy-Friendly Analytics Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the User-Agent Header in all versions up to, and including, 14.5.4 due to insufficient input sanitization and output escaping. This makes it possible for...

7.2CVSS0.09051EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/09/27 4:26 a.m.2 views

CVE-2025-9816 WP Statistics <= 14.5.4 - Unauthenticated Stored Cross-Site Scripting via User-Agent Header

The WP Statistics – The Most Popular Privacy-Friendly Analytics Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the User-Agent Header in all versions up to, and including, 14.5.4 due to insufficient input sanitization and output escaping. This makes it possible for...

7.2CVSS4.9AI score0.09051EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/09/27 4:26 a.m.10 views

CVE-2025-9816 WP Statistics <= 14.5.4 - Unauthenticated Stored Cross-Site Scripting via User-Agent Header

The WP Statistics – The Most Popular Privacy-Friendly Analytics Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the User-Agent Header in all versions up to, and including, 14.5.4 due to insufficient input sanitization and output escaping. This makes it possible for...

7.2CVSS0.09051EPSS
Exploits0References2
CVE
CVE
added 2025/09/27 4:26 a.m.21 views

CVE-2025-9816

CVE-2025-9816 : WP Statistics for WordPress is affected by unauthenticated Stored Cross‑Site Scripting via the User‑Agent header in all versions up to 14.5.4. Root cause: insufficient input sanitization and output escaping. Impact: arbitrary script injection executed when users load injected page...

7.2CVSS4.9AI score0.09051EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/09/27 12:0 a.m.4 views

PT-2025-39709

Name of the Vulnerable Software and Affected Versions WP Statistics – The Most Popular Privacy-Friendly Analytics Plugin versions through 14.5.4 Description The software is susceptible to Stored Cross-Site Scripting through the User-Agent Header due to inadequate input sanitization and output...

7.2CVSS5.8AI score0.09051EPSS
Exploits0References9
CNNVD
CNNVD
added 2025/09/27 12:0 a.m.3 views

WordPress plugin WP Statistics 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...

7.2CVSS5.8AI score0.09051EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/09/25 2:54 a.m.25 views

CVE-2025-57407

A stored cross-site scripting XSS vulnerability in the Admin Log Viewer of S-Cart =10.0.3 allows a remote authenticated attacker to inject arbitrary web script or HTML via a crafted User-Agent header. The script is executed in an administrator's browser when they view the security log page, which...

5.4CVSS5.2AI score0.00201EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2025/09/23 6:30 p.m.12 views

GP247 and S-Cart have a stored cross-site scripting (XSS) vulnerability

A stored cross-site scripting XSS vulnerability in the Admin Log Viewer of S-Cart =10.0.3 allows a remote authenticated attacker to inject arbitrary web script or HTML via a crafted User-Agent header. The script is executed in an administrator's browser when they view the security log page, which...

5.4CVSS5.3AI score0.00201EPSS
Exploits0References5Affected Software2
OSV
OSV
added 2025/09/23 6:30 p.m.5 views

GHSA-46V4-5MC8-Q2CF GP247 and S-Cart have a stored cross-site scripting (XSS) vulnerability

A stored cross-site scripting XSS vulnerability in the Admin Log Viewer of S-Cart =10.0.3 allows a remote authenticated attacker to inject arbitrary web script or HTML via a crafted User-Agent header. The script is executed in an administrator's browser when they view the security log page, which...

5.3CVSS5.3AI score0.00201EPSS
Exploits0References4
Snyk
Snyk
added 2025/09/23 4:44 p.m.5 views

Cross-site Scripting (XSS)

Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via the User-Agent header in the Admin Log Viewer. An attacker can execute arbitrary web scripts in an administrator's browser by injecting crafted input, which is rendered when the security log page is viewed...

5.4CVSS5.4AI score0.00201EPSS
Exploits0References2
Rows per page
Query Builder