Lucene search
K

7 matches found

CVE
CVE
added yesterday5 views

CVE-2026-12536

CVE-2026-12536 : A Stored Cross-Site Scripting flaw in the Avada (Fusion) Builder plugin for WordPress affects all versions up to 3.15.5. It arises from insufficient input sanitization and output escaping in the Module Title parameter. An authenticated attacker with Contributor-level access or hi...

6.4CVSS6.2AI score
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/06/09 3:31 p.m.16 views

Important: Red Hat Security Advisory: Red Hat Quay 3.15.5

Red Hat Quay 3.15.5 is now available with bug fixes. Quay 3.15.5...

10CVSS6.7AI score0.01557EPSS
Exploits9References24
Patchstack
Patchstack
added 2026/03/31 11:58 p.m.4 views

WordPress User Profile Builder - Beautiful User Registration Forms, User Profiles & User Role Editor plugin <= 3.15.5 - Insecure Direct Object Reference to Authenticated (Subscriber+) Arbitrary Post Author Reassignment via Avatar Field vulnerability

WordPress User Profile Builder - Beautiful User Registration Forms, User Profiles & User Role Editor plugin = 3.15.5 - Insecure Direct Object Reference to Authenticated Subscriber+ Arbitrary Post Author Reassignment via Avatar Field vulnerability discovered by type5afe in WordPress Plugin Profile...

4.3CVSS5.9AI score0.00171EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2026/03/31 11:18 a.m.18 views

CVE-2026-3139

The CVE-2026-3139 vulnerability affects the WordPress plugin “User Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor” up to version 3.15.5. The issue is insecure direct object reference via wppb_save_avatar_value(), caused by missing validation on a user-contro...

4.3CVSS6AI score0.00171EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2022/03/07 12:0 a.m.13 views

PT-2022-12019 · Apache +2 · Apache Http Server +2

Name of the Vulnerable Software and Affected Versions: Northern.tech CFEngine Enterprise versions prior to 3.15.5 Northern.tech CFEngine Enterprise versions 3.18.x prior to 3.18.1 Description: The issue is related to insecure permissions, which may allow unauthorized local users to access log...

5.5CVSS5.3AI score0.00359EPSS
Exploits2References11
Prion
Prion
added 2018/12/21 11:29 p.m.13 views

Cross site scripting

LimeSurvey version 3.15.5 contains a Cross-site scripting XSS vulnerability in Survey Resource zip upload, resulting in Javascript code execution against LimeSurvey administrators. Fixed in version 3.15.6...

4.3CVSS6.4AI score0.01114EPSS
Exploits0References2Affected Software1
OPENSUSE Linux
OPENSUSE Linux
added 2014/03/26 5:4 p.m.39 views

MozillaFirefox: Update to version 28.0 (important)

Mozilla Firefox was updated to version 28.0, receiving enhancements, bug and security fixes. Mozilla NSPR was updated to 4.10.4 receiving enhancements, bug and security fixes. Mozilla NSS was updated to 3.15.5 receiving enhancements, bug and security fixes. Changes in MozillaFirefox: - update to...

9.3CVSS0.9AI score0.83633EPSS
Exploits20References2
Rows per page
Query Builder