Lucene search
K

26 matches found

Nuclei
Nuclei
added 13 hours ago8 views

Privacy Policy Genius - Cross-Site Scripting

Privacy Policy Genius WordPress plugin v2.0.4 contains a reflected cross-site scripting caused by unsanitized parameter output in the page, letting attackers execute malicious scripts in the context of high privilege users, exploit requires attacker to craft a malicious URL. id: CVE-2024-13219...

6.1CVSS7.1AI score0.00565EPSS
Exploits1References2
Nuclei
Nuclei
added 13 hours ago19 views

Dash Framework - Cross-site Scripting

Dash framework versions before 2.15.0 are vulnerable to Cross-site Scripting XSS via href attribute in anchor tags. This template tests for javascript:alert payload injection. id: CVE-2024-21485 info: name: Dash Framework - Cross-site Scripting author: Lee Changhyuneeche severity: medium...

6.5CVSS6.4AI score0.01475EPSS
Exploits1References1
OSV
OSV
added last week3 views

DEBIAN-CVE-2026-13913

Insufficient policy enforcement in Autofill in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.8AI score0.0017EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.6 views

PT-2026-54240

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 150.0.7871.47 Description Insufficient policy enforcement in the WebView component allows a remote attacker to bypass navigation restrictions by using a crafted HTML page. Recommendations Update Googl...

9.6CVSS6AI score0.00413EPSS
Exploits0References437
NVD
NVD
added 2026/06/04 11:17 p.m.7 views

CVE-2026-11181

Inappropriate implementation in Media Session in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Medium...

6.3CVSS0.00137EPSS
Exploits0References2
Rosalinux
Rosalinux
added 2026/03/22 9:30 p.m.11 views

Advisory ROSA-SA-2026-3249

software: vim 9.1.2148 WASP: ROSA-CHROME unaffected versions = vim-9.1.2148-1 affected versions vim-9.1.2148-1 CVE-ID: CVE-2026-25749 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: Heap overflow in Vim before version 9.1.2132 when processing the 'helpfile' option. In gettagfname src/tag.c, the value of...

6.6CVSS6AI score0.00213EPSS
Exploits1
Rosalinux
Rosalinux
added 2026/02/16 12:24 p.m.7 views

Advisory ROSA-SA-2026-3190

Software: libsndfile 1.0.28 OS: ROSA Virtualization 2.1 unaffected versions = libsndfile-1.0.28-16.0.2.rv3 affected versions libsndfile-1.0.28-16.0.2.rv3 CVE-ID: CVE-2017-14634 BDU-ID: 2021-03755 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the double64init function of the libsndfile library is...

6.5CVSS6.3AI score0.03423EPSS
Exploits2
Nginx
Nginx
added 2026/02/04 3:2 p.m.853 views

SSL upstream injection

SSL upstream injection Severity: medium CVE-2026-1642 Not vulnerable: 1.29.5+, 1.28.2+ Vulnerable: 1.3.0-1.29.4...

8.2CVSS5.3AI score0.00339EPSS
Exploits0References1Affected Software1
Rosalinux
Rosalinux
added 2025/08/06 8:30 a.m.5 views

Advisory ROSA-SA-2025-2924

software: qt5-qtbase 5.15.16 WASP: ROSA-CHROME unaffected versions = qt5-qtbase-5.15.16-3 affected versions qt5-qtbase-5.15.16-3 CVE-ID: CVE-2025-30348 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in QDom allows a remote attacker to execute a complex algorithm involving copying XML...

5.8CVSS6.5AI score0.00343EPSS
Exploits0
Patchstack
Patchstack
added 2025/07/17 11:15 a.m.16 views

WordPress FoodMenu <= 1.20 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Plugin FoodMenu versions = 1.20...

7.1CVSS6AI score0.00213EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/07/07 11:56 a.m.5 views

WordPress Infility Global plugin <= 2.13.4 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by astra.r3verii in WordPress Plugin Infility Global versions = 2.13.4...

7.1CVSS5.8AI score0.00235EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/06/26 11:56 a.m.7 views

WordPress Content Manager Light plugin <= 3.2 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Tran Nguyen Bao KhanhVCI - VNPT in WordPress Plugin Content Manager Light versions = 3.2...

7.1CVSS5.9AI score0.00222EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/06/12 12:3 p.m.7 views

WordPress WP VR plugin <= 8.5.26 - Arbitrary File Upload Vulnerability

Arbitrary File Upload Vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin WP VR versions = 8.5.26...

9.9CVSS6.7AI score0.00423EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/04/29 12:23 p.m.5 views

WordPress Syndicate Out <= 0.9 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by Nguyen Xuan Chien Patchstack Alliance in WordPress Plugin Syndicate Out versions = 0.9...

7.1CVSS7.7AI score0.00185EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/04/11 12:16 p.m.6 views

WordPress WP Featured Screenshot Plugin <= 1.3 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Le Ngoc Anh in WordPress Plugin WP Featured Screenshot versions = 1.3...

7.1CVSS6.9AI score0.0025EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/04/10 12:23 p.m.6 views

WordPress FS Poster plugin <= 6.5.8 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin FS Poster versions = 6.5.8...

7.1CVSS6.9AI score0.0021EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/04/10 9:38 a.m.5 views

WordPress Stop Registration Spam Plugin <= 1.24 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by LVT-tholv2k in WordPress Plugin Stop Registration Spam versions = 1.24...

7.1CVSS6.9AI score0.00237EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/04/10 9:20 a.m.7 views

WordPress UXsniff Plugin <= 1.3.1 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin UXsniff versions = 1.3.1...

7.1CVSS6.9AI score0.00235EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/04/04 9:19 a.m.5 views

WordPress Easy Contact plugin <= 0.1.2 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Phat RiO - Fore-Z co.ltd in WordPress Plugin Easy Contact versions = 0.1.2...

7.1CVSS7AI score0.0021EPSS
Exploits0Affected Software1
Rosalinux
Rosalinux
added 2025/03/08 9:19 p.m.15 views

Advisory ROSA-SA-2025-2765

Software: python-jinja2 2.10.1 OS: ROSA Virtualization 2.1 packageevrstring: python-jinja2-2.10.1-6.rv3 CVE-ID: CVE-2024-56326 BDU-ID: 2025-00113 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the str.format method of the html template tool jinja is related to a failure to neutralize special...

7.8CVSS8.1AI score0.005EPSS
Exploits0
Rows per page
Query Builder