Lucene search
+L

5 matches found

euvd
euvd
added 16 hours ago4 views

EUVD-2026-44859

The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'twittermessage' Sequoia Template Setting in all versions up to, and including, 4.16.3 due to insufficient input sanitization and output escaping. This makes it possible for...

6.4CVSS6.2AI score
Exploits0References8
osv
osv
added 2025/08/09 1:31 a.m.7 views

CVE-2025-54417 Craft contains a theoretical bypass for CVE-2025-23209

Craft is a platform for creating digital experiences. Versions 4.13.8 through 4.16.2 and 5.5.8 through 5.8.3 contain a vulnerability that can bypass CVE-2025-23209: "Craft CMS has a potential RCE with a compromised security key". To exploit this vulnerability, the project must meet these...

7.7CVSS8.8AI score0.00488EPSS
Exploits0References4
cnnvd
cnnvd
added 2022/03/28 12:0 a.m.7 views

WordPress plugin WordPress File Upload Free and Pro 路径遍历漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports PHP and MySQL server set up a personal blog site . WordPress plugin is an open source WordPress application plugin . A path traversal vulnerability exists in the WordPress Fil...

8.8CVSS6AI score0.02849EPSS
Exploits2References3
cnnvd
cnnvd
added 2022/03/07 12:0 a.m.6 views

WordPress plugin 跨站脚本漏洞

WordPress is a blogging platform developed by the Wordpress Foundation using the PHP language. WordPress plugin is a WordPress application plugin. WordPress File Upload plugin versions prior to 4.16.3 have a cross-site scripting vulnerability that stems from the plugin's failure to evade some of...

5.4CVSS5.4AI score0.0077EPSS
Exploits2References3
cnvd
cnvd
added 2019/08/13 12:0 a.m.22 views

WordPress Meta Box Plugin Path Traversal Vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.Meta Box plugin is a custom field plugin used in it. A path traversal vulnerability exists in WordPress Meta Box plugin versions prior ...

6.5CVSS6.7AI score0.01005EPSS
Exploits1References1
Rows per page
Query Builder