Lucene search
K

50 matches found

Patchstack
Patchstack
added 2026/01/21 10:51 a.m.9 views

WordPress WorkScout theme <= 4.1.07 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Theme WorkScout versions = 4.1.07...

7.1CVSS5.3AI score0.0023EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2025/10/23 3:13 p.m.6 views

CVE-2025-59571

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in purethemes WorkScout-Core workscout-core allows Reflected XSS.This issue affects WorkScout-Core: from n/a through 1.7.06...

7.1CVSS6.4AI score0.00228EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/22 3:31 p.m.6 views

EUVD-2025-35434

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in purethemes WorkScout-Core workscout-core allows Reflected XSS.This issue affects WorkScout-Core: from n/a through 1.7.06...

5.9AI score0.00228EPSS
Exploits0References2
NVD
NVD
added 2025/10/22 3:15 p.m.3 views

CVE-2025-59571

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in purethemes WorkScout-Core workscout-core allows Reflected XSS.This issue affects WorkScout-Core: from n/a through 1.7.06...

7.1CVSS0.00228EPSS
Exploits0References1
CVE
CVE
added 2025/10/22 2:32 p.m.7 views

CVE-2025-59571

CVE-2025-59571 describes a Reflected XSS in the WordPress WorkScout-Core plugin, affecting versions older than 1.7.06. The issue arises from improper input neutralization during web page generation. CVSS 3.1 base score 7.1 ( HIGH ) with network access, low impacts to confidentiality/integrity/ava...

7.1CVSS6AI score0.00228EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/10/22 2:32 p.m.2 views

CVE-2025-59571 WordPress WorkScout-Core plugin < 1.7.06 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in purethemes WorkScout-Core workscout-core allows Reflected XSS.This issue affects WorkScout-Core: from n/a through 1.7.06...

7.1CVSS6AI score0.00228EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/10/22 2:32 p.m.9 views

CVE-2025-59571 WordPress WorkScout-Core plugin < 1.7.06 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in purethemes WorkScout-Core workscout-core allows Reflected XSS.This issue affects WorkScout-Core: from n/a through 1.7.06...

7.1CVSS0.00228EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/10/22 12:0 a.m.4 views

WordPress plugin WorkScout-Core 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plug-in. A cross-site...

7.1CVSS6AI score0.00228EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2021-11160

Malware in sbrugna...

5.4CVSS5.5AI score0.00659EPSS
Exploits2References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.10 views

EUVD-2025-30477

Malicious code in bioql PyPI...

8.8CVSS6.4AI score0.00159EPSS
Exploits0References2
Patchstack
Patchstack
added 2025/09/23 5:30 a.m.6 views

WordPress WorkScout-Core plugin < 1.7.06 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Bonds in WordPress Plugin WorkScout-Core versions 1.7.06...

7.1CVSS6.1AI score0.00228EPSS
Exploits0Affected Software1
NVD
NVD
added 2025/09/22 7:16 p.m.19 views

CVE-2025-59572

Cross-Site Request Forgery CSRF vulnerability in purethemes WorkScout-Core workscout-core allows Cross Site Request Forgery.This issue affects WorkScout-Core: from n/a through 1.7.06...

8.8CVSS0.00159EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/09/22 6:27 p.m.9 views

WordPress WorkScout-Core Plugin < 1.7.06 - Cross Site Request Forgery (CSRF) Vulnerability

Cross Site Request Forgery CSRF Vulnerability discovered by Bonds in WordPress Plugin WorkScout-Core versions 1.7.06...

8.8CVSS6.6AI score0.00159EPSS
Exploits0Affected Software1
Cvelist
Cvelist
added 2025/09/22 6:25 p.m.25 views

CVE-2025-59572 WordPress WorkScout-Core Plugin < 1.7.06 - Cross Site Request Forgery (CSRF) Vulnerability

Cross-Site Request Forgery CSRF vulnerability in purethemes WorkScout-Core workscout-core allows Cross Site Request Forgery.This issue affects WorkScout-Core: from n/a through 1.7.06...

8.8CVSS0.00159EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/09/22 6:25 p.m.7 views

CVE-2025-59572 WordPress WorkScout-Core Plugin < 1.7.06 - Cross Site Request Forgery (CSRF) Vulnerability

Cross-Site Request Forgery CSRF vulnerability in purethemes WorkScout-Core allows Cross Site Request Forgery. This issue affects WorkScout-Core: from n/a through n/a...

8.8CVSS6.5AI score0.00159EPSS
Exploits0References1
CVE
CVE
added 2025/09/22 6:25 p.m.16 views

CVE-2025-59572

CVE-2025-59572 is a Cross‑Site Request Forgery (CSRF) vulnerability in the WordPress plugin set related to the WorkScout Core (WorkScout-Core). The description indicates the issue affects WorkScout-Core versions prior to 1.7.06 (i.e.,

8.8CVSS5.9AI score0.00159EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/09/22 12:0 a.m.4 views

WordPress plugin WorkScout-Core 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site request...

8.8CVSS6.5AI score0.00159EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/09/22 12:0 a.m.5 views

PT-2025-39046

Name of the Vulnerable Software and Affected Versions WorkScout-Core versions not specified Description A Cross-Site Request Forgery CSRF issue exists in purethemes WorkScout-Core, allowing attackers to perform actions on behalf of authenticated users. This can be exploited by tricking a user int...

8.8CVSS6.2AI score0.00159EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/05/22 7:21 p.m.8 views

CVE-2021-24246

The Workscout Core WordPress plugin before 1.3.4, used by the WorkScout Theme did not sanitise the chat messages sent via the workscoutsendmessagechat AJAX action, leading to Stored Cross-Site Scripting and Cross-Frame Scripting issues...

5.4CVSS6AI score0.00659EPSS
Exploits2References1
CNVD
CNVD
added 2021/05/14 12:0 a.m.4 views

WordPress Workscout Core Plugin Cross-Site Scripting Vulnerability

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Wordpress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in WordPress Workscout Core Plugin versions prior to...

5.4CVSS6.2AI score0.00659EPSS
Exploits2References1
Rows per page
Query Builder