Lucene search
K

397 matches found

RedhatCVE
RedhatCVE
added 2026/02/20 1:27 p.m.5 views

CVE-2026-25307

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in 8theme XStore Core et-core-plugin allows DOM-Based XSS.This issue affects XStore Core: from n/a through 5.7...

6.5CVSS5.5AI score0.00161EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/02/20 1:27 p.m.6 views

CVE-2026-25305

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in 8theme XStore xstore allows DOM-Based XSS.This issue affects XStore: from n/a through = 9.6.4...

6.5CVSS5.5AI score0.00161EPSS
Exploits0References1
NVD
NVD
added 2026/02/19 9:16 a.m.4 views

CVE-2026-25006

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in 8theme XStore xstore allows Code Injection.This issue affects XStore: from n/a through = 9.6.4...

5.3CVSS0.00236EPSS
Exploits0References1
NVD
NVD
added 2026/02/19 9:16 a.m.9 views

CVE-2026-25305

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in 8theme XStore xstore allows DOM-Based XSS.This issue affects XStore: from n/a through = 9.6.4...

6.5CVSS0.00161EPSS
Exploits0References1
NVD
NVD
added 2026/02/19 9:16 a.m.3 views

CVE-2026-25307

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in 8theme XStore Core et-core-plugin allows DOM-Based XSS.This issue affects XStore Core: from n/a through 5.7...

6.5CVSS0.00161EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/02/19 8:26 a.m.4 views

CVE-2026-25307

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in 8theme XStore Core et-core-plugin allows DOM-Based XSS.This issue affects XStore Core: from n/a through 5.7...

5.5AI score0.00161EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/02/19 8:26 a.m.6 views

CVE-2026-25307 WordPress XStore Core plugin < 5.7 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in 8theme XStore Core et-core-plugin allows DOM-Based XSS.This issue affects XStore Core: from n/a through 5.7...

6.5CVSS5.5AI score0.00161EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/19 8:26 a.m.33 views

CVE-2026-25307 WordPress XStore Core plugin < 5.7 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in 8theme XStore Core et-core-plugin allows DOM-Based XSS.This issue affects XStore Core: from n/a through 5.7...

6.5CVSS0.00161EPSS
Exploits0References1
CVE
CVE
added 2026/02/19 8:26 a.m.10 views

CVE-2026-25307

CVE-2026-25307 describes a DOM-based XSS in the WordPress XStore Core et-core-plugin (affecting XStore Core versions

6.5CVSS5.4AI score0.00161EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/02/19 8:26 a.m.3 views

CVE-2026-25305 WordPress XStore theme <= 9.6.4 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in 8theme XStore xstore allows DOM-Based XSS.This issue affects XStore: from n/a through = 9.6.4...

5.9AI score0.00161EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/19 8:26 a.m.30 views

CVE-2026-25006 WordPress XStore theme <= 9.6.4 - Arbitrary Shortcode Execution vulnerability

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in 8theme XStore xstore allows Code Injection.This issue affects XStore: from n/a through = 9.6.4...

5.3CVSS0.00236EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/19 8:26 a.m.27 views

CVE-2026-25305 WordPress XStore theme <= 9.6.4 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in 8theme XStore xstore allows DOM-Based XSS.This issue affects XStore: from n/a through = 9.6.4...

6.5CVSS0.00161EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/02/19 8:26 a.m.2 views

CVE-2026-25006

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in 8theme XStore xstore allows Code Injection.This issue affects XStore: from n/a through = 9.6.4...

5.5AI score0.00236EPSS
Exploits0References2
CVE
CVE
added 2026/02/19 8:26 a.m.9 views

CVE-2026-25305

The CVE CVE-2026-25305 concerns the 8theme WordPress XStore theme (xstore) with versions up to and including 9.6.4. It is a DOM-based Cross-Site Scripting (XSS) vulnerability caused by improper neutralization of input during web page generation. The issue affects XStore and can lead to client-sid...

6.5CVSS5.4AI score0.00161EPSS
Exploits0References1
CVE
CVE
added 2026/02/19 8:26 a.m.15 views

CVE-2026-25006

CVE-2026-25006 affects the WordPress XStore theme up to version 9.6.4. The Root Cause is improper neutralization of script-related HTML tags in a web page, enabling Code Injection via XStore’s shortcode handling. Affected product: XStore theme (WordPress). Impact: potential arbitrary shortcode ex...

5.3CVSS5.5AI score0.00236EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/02/19 8:26 a.m.3 views

CVE-2026-25006 WordPress XStore theme <= 9.6.4 - Arbitrary Shortcode Execution vulnerability

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in 8theme XStore xstore allows Code Injection.This issue affects XStore: from n/a through = 9.6.4...

5.3CVSS6AI score0.00236EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/02/19 8:26 a.m.4 views

CVE-2026-25305

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in 8theme XStore xstore allows DOM-Based XSS.This issue affects XStore: from n/a through = 9.6.4...

5.5AI score0.00161EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/02/19 12:0 a.m.5 views

PT-2026-20680

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in 8theme XStore Core et-core-plugin allows DOM-Based XSS.This issue affects XStore Core: from n/a through 5.7...

5.5AI score0.00161EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/02/19 12:0 a.m.8 views

PT-2026-20679

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in 8theme XStore xstore allows DOM-Based XSS.This issue affects XStore: from n/a through = 9.6.4...

5.5AI score0.00161EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/02/19 12:0 a.m.7 views

WordPress plugin XStore 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

5.3CVSS5.9AI score0.00236EPSS
Exploits0References1
Rows per page
Query Builder