Lucene search
K

26 matches found

EUVD
EUVD
added 2026/06/25 1:12 p.m.6 views

EUVD-2026-39363

Subscriber Sensitive Data Exposure in Visual Link Preview = 2.3.1 versions...

7.4CVSS5.8AI score0.00264EPSS
Exploits0References1
NVD
NVD
added 2026/06/15 9:16 p.m.7 views

CVE-2025-68851

Unauthenticated Cross Site Scripting XSS in Okay Toolkit = 2.3 versions...

7.1CVSS0.00186EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:42 p.m.8 views

CVE-2025-36145

IBM watsonx.data 2.2 through 2.3.1 IBM Lakehouse does not properly restrict inbound and outbound connections which could allow an attacker to transfer or modify files without restrictions...

5.4CVSS5.5AI score0.00166EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/04/10 12:12 a.m.9 views

WordPress AddFunc Head & Footer Code plugin <= 2.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Custom Fields vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Custom Fields vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin AddFunc Head & Footer Code versions = 2.3...

6.4CVSS5.9AI score0.002EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/02/19 8:26 a.m.32 views

CVE-2026-25311 WordPress Autoshare for Twitter plugin <= 2.3.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in 10up Autoshare for Twitter autoshare-for-twitter allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Autoshare for Twitter: from n/a through = 2.3.1...

5.4CVSS0.00209EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/01/24 12:0 a.m.9 views

PT-2026-4547

iccDEV provides libraries and tools for interacting with, manipulating, and applying ICC color management profiles. Versions 2.3.1.1 and below have a Heap Buffer Overflow vulnerability in CIccMpeCalculator::Read. This occurs when user-controllable input is unsafely incorporated into ICC profile...

8.8CVSS5.6AI score0.00524EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2026/01/09 9:28 a.m.5 views

CVE-2023-49747

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WebFactory Ltd Guest Author allows Stored XSS.This issue affects Guest Author: from n/a through 2.3...

5.9CVSS6.7AI score0.00374EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:25 a.m.3 views

CVE-2023-4887

The Google Maps Plugin by Intergeo plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'intergeo' shortcode in versions up to, and including, 2.3.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

6.4CVSS6.8AI score0.00345EPSS
Exploits0References1
CVE
CVE
added 2025/12/09 2:52 p.m.11 views

CVE-2025-49350

The CVE-2025-49350 entry concerns the WordPress Actionwear products sync plugin (versions up to 2.3.3). The root cause is a missing authorization due to incorrectly configured access control, leading to a broken access control vulnerability. Affected software is the Actionwear products sync plugi...

4.3CVSS6.6AI score0.00315EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-30558

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.00196EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/09/10 12:0 a.m.5 views

PT-2025-37017

Name of the Vulnerable Software and Affected Versions: Testimonial plugin for WordPress versions prior to 2.3 Description: The Testimonial plugin for WordPress is susceptible to SQL Injection via the iNICtestimonial shortcode. This is due to insufficient escaping on the user-supplied parameter an...

6.5CVSS6.7AI score0.00258EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/07/10 12:0 a.m.2 views

IBM Analytics Content Hub 安全漏洞

IBM Analytics Content Hub is a clean streaming experience from International Business Machines IBM that visualizes relevant analytics by extracting content from IBM and other analytics providers. A security vulnerability exists in IBM Analytics Content Hub versions 2.0, 2.1, 2.2, and 2.3 that ste...

5.3CVSS6.2AI score0.00288EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/04/15 12:0 a.m.4 views

WordPress plugin SKT Skill Bar 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

6.5CVSS6.6AI score0.00215EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/03/01 12:0 a.m.4 views

WordPress plugin Database Backup and check Tables Automated With Scheduler 信息泄露漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. WordPress plugin Database Backup and check...

7.2CVSS7.9AI score0.00544EPSS
Exploits0References9
Patchstack
Patchstack
added 2025/02/18 10:58 p.m.4 views

WordPress WP Media Category Management plugin 2.0-2.3.3 - Cross-Site Request Forgery to Settings Update vulnerability

Cross-Site Request Forgery to Settings Update vulnerability discovered by luckybuddy in WordPress Plugin WP Media Category Management versions 2.0-2.3.3...

6.5CVSS7AI score0.00258EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/02/11 10:37 p.m.4 views

WordPress Apus Framework plugin <= 2.3 - Authenticated (Subscriber+) Arbitrary Options Update in import_page_options vulnerability

Authenticated Subscriber+ Arbitrary Options Update in importpageoptions vulnerability discovered by Tonn in WordPress Plugin Apus Framework versions = 2.3...

8.8CVSS7AI score0.0048EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2024/06/08 1:15 p.m.3 views

CVE-2024-35737

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Loopus WP Visitors Tracker allows Reflected XSS.This issue affects WP Visitors Tracker: from n/a through 2.3...

6.1CVSS5.8AI score0.00288EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/05/14 10:20 a.m.5 views

WordPress Popup – Popup More Popups plugin <= 2.3.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Rayhan Ramdhany Hanaputra Patchstack Alliance in WordPress Plugin Popup More Popups versions = 2.3.1...

5.9CVSS6AI score0.00248EPSS
Exploits0Affected Software1
CNNVD
CNNVD
added 2024/02/22 12:0 a.m.3 views

TemmokuMVC Code Issues Vulnerabilities

TemmokuMVC is an open source MVC framework for small and medium-sized enterprises from China's TemmokuMVC company. A code issue exists in TemmokuMVC 2.3 and earlier versions, the vulnerability stems from a security issue in the function getimgurl/imgreplace in lib/imagesgetdown.php in the compone...

8.1CVSS6.8AI score0.0078EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 4:27 a.m.6 views

SUSE CVE-2018-11776

Apache Struts versions 2.3 to 2.3.34 and 2.5 to 2.5.16 suffer from possible Remote Code Execution when alwaysSelectFullNamespace is true either by user or a plugin like Convention Plugin and then: results are used with no namespace and in same time, its upper package have no or wildcard namespace...

9.3CVSS8.9AI score0.99993EPSS
Exploits41References3
Rows per page
Query Builder