Lucene search
K

7 matches found

Patchstack
Patchstack
added 2025/09/09 11:19 p.m.9 views

WordPress Auto Save Remote Images (Drafts) plugin <= 1.0.9 - Authenticated (Contributor+) Server-Side Request Forgery vulnerability

Authenticated Contributor+ Server-Side Request Forgery vulnerability discovered by Nabil Irawan in WordPress Plugin Auto Save Remote Images Drafts versions = 1.0.9...

6.4CVSS6.9AI score0.0018EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2025/01/24 6:15 p.m.7 views

CVE-2025-24543

Cross-Site Request Forgery CSRF vulnerability in RSTheme Ultimate Coming Soon & Maintenance allows Cross Site Request Forgery. This issue affects Ultimate Coming Soon & Maintenance: from n/a through 1.0.9...

4.3CVSS5.8AI score0.00208EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/01/09 12:31 a.m.5 views

WordPress Files Download Delay plugin <= 1.0.9 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by zakaria in WordPress Plugin Files Download Delay versions = 1.0.9...

6.4CVSS5.7AI score0.00306EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2024/12/16 12:0 a.m.9 views

WordPress plugin Navayan CSV Export SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A SQL injection vulnerability...

9.3CVSS9.3AI score0.01138EPSS
Exploits1References2
Patchstack
Patchstack
added 2024/05/06 9:51 p.m.4 views

WordPress BlogLentor – Blog Designer Pack for Elementor plugin <=1.0.9 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by 4rCanJ0x! Patchstack Alliance in WordPress Plugin BlogLentor versions = 1.0.9...

6.5CVSS6.1AI score0.00411EPSS
Exploits0Affected Software1
vulnersOsv
vulnersOsv
added 2020/11/12 7:36 p.m.4 views

@adobe/target-decisioning-engine (>=1.0.0 <=1.5.1), @agriyadev5/react-jsonschema-form (>=1.8.1 <=1.8.3) +132 more potentially affected by unknown CVE via json-logic-js (>=1.0.9 <=1.2.3)

json-logic-js NPM version =1.0.9, =1.0.0, =1.8.1, =2.29.12, =0.1.7, =1.0.4, =0.2.52, =0.0.1, =4.11.1-rc.8, =3.0.0-rc.23, =3.29.6-1, =3.1.12-1, =3.29.7-12, =3.29.15 and more Source cves: unknown CVE Source advisory: OSV:GHSA-M9HW-7XFV-WQG7...

5.8AI score
Exploits0
CNVD
CNVD
added 2015/08/21 12:0 a.m.5 views

sysPass 'getAccounts' Parameter SQL Injection Vulnerability

sysPass is a PHP-based Web password manager. A SQL injection vulnerability exists in sysPass 1.0.9 and earlier versions, which stems from the ajax/ajaxsearch.php script not adequately filtering the 'search' parameter. A remote attacker can exploit this vulnerability to execute arbitrary SQL...

6.5CVSS8.6AI score0.02002EPSS
Exploits1References1
Rows per page
Query Builder