Lucene search
K

17 matches found

Positive Technologies
Positive Technologies
added 2026/04/11 12:0 a.m.5 views

PT-2026-32087

Name of the Vulnerable Software and Affected Versions The GreenShift - Animation and Page Builder Blocks plugin for WordPress versions up to and including 12.8.9 Description The GreenShift - Animation and Page Builder Blocks plugin for WordPress is susceptible to Stored Cross-Site Scripting due t...

6.4CVSS6.1AI score0.0042EPSS
Exploits0References10
CNNVD
CNNVD
added 2026/04/11 12:0 a.m.6 views

WordPress plugin GreenShift - Animation and Page Builder Blocks 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

6.4CVSS5.7AI score0.0042EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2026/03/05 9:24 p.m.5 views

CVE-2026-2593 Greenshift – animation and page builder blocks <= 12.8.5 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Greenshift – animation and page builder blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the gspbpostcss post meta value and the dynamicAttributes block attribute in all versions up to, and including, 12.8.5 due to insufficient input sanitization and output escapin...

6.4CVSS5.9AI score0.00197EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/03/05 12:0 a.m.3 views

PT-2026-23519

Name of the Vulnerable Software and Affected Versions Greenshift – animation and page builder blocks plugin for WordPress versions through 12.8.5 Description The Greenshift plugin for WordPress is susceptible to Stored Cross-Site Scripting. The issue stems from inadequate input sanitization and...

6.4CVSS5.8AI score0.00197EPSS
Exploits0References6
Nuclei
Nuclei
added 2026/02/04 7:0 a.m.19 views

SolarWinds Web Help Desk < 12.8.3 - Insecure Deserialization

SolarWinds Web Help Desk before version 12.8.3 contain a critical Java deserialization vulnerability that enables remote code execution. Attackers can exploit this flaw to execute arbitrary commands on the host machine. Initially reported as unauthenticated, SolarWinds was unable to reproduce...

9.8CVSS8.7AI score0.8833EPSS
Exploits1References3
CVE
CVE
added 2025/12/09 2:52 p.m.15 views

CVE-2025-63073

The CVE-2025-63073 entry concerns the WordPress Dream-Theme The7 (dt-the7) WordPress theme up to version 12.8.0.2, with a DOM-based XSS caused by improper input neutralization during web page generation. The issue affects The7 versions

6.5CVSS5.9AI score0.00161EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/09 2:52 p.m.24 views

CVE-2025-63073 WordPress The7 theme < 12.9.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Dream-Theme The7 dt-the7 allows DOM-Based XSS.This issue affects The7: from n/a through 12.9.0...

6.5CVSS0.00161EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/12/04 12:0 a.m.4 views

WatchGuard Fireware OS 安全漏洞

WatchGuard Fireware OS is a software from WatchGuard USA that runs on Firebox. A security vulnerability exists in WatchGuard Fireware OS versions 12.8.1 through 12.11.4 and 2025.1 through 2025.1.2, which stems from an expected behavior violation that could result in bypassing system integrity...

6.7CVSS6.7AI score0.00107EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/09/01 12:0 a.m.6 views

SolarWinds Web Help Desk 代码问题漏洞

SolarWinds Web Help Desk is a suite of help desk and asset management software from US-based SolarWinds. The software supports centralized knowledge base, IT asset management, project and task management, and other features. A code issue vulnerability exists in SolarWinds Web Help Desk version...

9.8CVSS7.8AI score0.36619EPSS
Exploits0References4
CNNVD
CNNVD
added 2023/10/10 12:0 a.m.5 views

SeaCMS Security Vulnerability

SeaCMS is a free and open source web content management system written in PHP. The system is primarily designed to manage video-on-demand resources. A security vulnerability exists in SeaCMS version v.12.8, which originates from allowing an attacker to execute arbitrary code via the...

8.1CVSS7.7AI score0.00631EPSS
Exploits0References3
OSV
OSV
added 2023/09/25 11:15 p.m.4 views

CVE-2023-43278

A Cross-Site Request Forgery CSRF in adminmanager.php of Seacms up to v12.8 allows attackers to arbitrarily add an admin account...

8.8CVSS5.8AI score0.00286EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/09/19 12:0 a.m.3 views

MiniTool Partition Wizard Trust Management Issue Vulnerability

MiniTool Partition Wizard is a partition manager for home and home office users from MiniTool Canada. A security vulnerability exists in MiniTool Partition Wizard version 12.8, which originates from a vulnerability that allows an attacker to achieve remote code execution via a man-in-the-middle...

8.1CVSS7.9AI score0.0063EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2022/03/21 6:15 p.m.6 views

CVE-2022-24236

An insecure permissions vulnerability in Snapt Aria v12.8 allows unauthenticated attackers to send e-mails from spoofed users' accounts...

3.5CVSS5.8AI score0.0055EPSS
Exploits1References3
CNNVD
CNNVD
added 2022/03/21 12:0 a.m.5 views

Snapt Aria 跨站请求伪造漏洞

Snapt Aria is an enterprise ADC solution from Snapt USA that provides a load balancer, web gas pedal, web application firewall WAF, global server load balancer GSLB, etc. A cross-site request forgery vulnerability exists in Snapt Aria version 12.8, which stems from a WEB application that does not...

8.8CVSS6AI score0.00677EPSS
Exploits1References3
CNNVD
CNNVD
added 2021/07/06 12:0 a.m.4 views

GitLab安全漏洞

GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. An access control error vulnerability exists in GitLab...

7.5CVSS5.7AI score0.01084EPSS
Exploits0References3
CNVD
CNVD
added 2020/05/08 12:0 a.m.2 views

GitLab path traversal vulnerability (CNVD-2020-29843)

GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. A security vulnerability exists in GitLab Enterprise...

5.3CVSS6.7AI score0.0123EPSS
Exploits0
CNVD
CNVD
added 2020/03/13 12:0 a.m.3 views

GitLab Domain Restriction Bypass Vulnerability

GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. A security vulnerability exists in GitLab version 12.8.x...

5.3CVSS6.8AI score0.01016EPSS
Exploits0
Rows per page
Query Builder