Lucene search
K

7 matches found

Cvelist
Cvelist
added 2025/11/11 6:58 p.m.4 views

CVE-2025-61837 Format Plugins | Heap-based Buffer Overflow (CWE-122)

Format Plugins versions 1.1.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS0.00255EPSS
Exploits0References1
OSV
OSV
added 2024/03/18 4:15 p.m.3 views

CVE-2024-1658

The Grid Shortcodes WordPress plugin before 1.1.1 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

5.4CVSS5.8AI score0.00379EPSS
Exploits2References1
CNNVD
CNNVD
added 2024/01/16 12:0 a.m.17 views

WordPress plugin Demo Import security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the...

7.2CVSS7AI score0.012EPSS
Exploits2References2
ATTACKERKB
ATTACKERKB
added 2023/08/21 5:15 p.m.4 views

CVE-2023-39106

An issue in Nacos Group Nacos Spring Project v.1.1.1 and before allows a remote attacker to execute arbitrary code via the SnakeYamls Constructor component...

8.8CVSS7.8AI score0.01068EPSS
Exploits1References2
CNVD
CNVD
added 2020/08/07 12:0 a.m.2 views

DP3T-Backend-SDK Data Forgery Issue Vulnerability

DP3T-Backend-SDK is a backend implementation of DP3T Decentralized Privacy Preserving Neighborhood Tracking. A security vulnerability exists in DP3T-Backend-SDK versions prior to 1.1.1. An attacker can exploit the vulnerability to bypass signature checking...

7.5CVSS6.8AI score0.01553EPSS
Exploits0References1
CNVD
CNVD
added 2017/04/26 12:0 a.m.1 views

WordPress WHIZ plugin cross-site request forgery vulnerability

WordPress is a blogging platform developed using the PHP language that allows users to set up their own websites on servers that support PHP and MySQL databases. WordPress can also be used as a content management system CMS. A cross-site request forgery vulnerability in the WHIZ plugin for...

8.1CVSS6.6AI score0.00639EPSS
Exploits1References1
NVD
NVD
added 2004/12/31 5:0 a.m.9 views

CVE-2004-2268

PimenGest2 before 1.1.1 allows remote attackers to obtain the database password via debug information in rowLatex.inc.php...

5CVSS6.5AI score0.01388EPSS
Exploits0References5
Rows per page
Query Builder