Lucene search
K

15 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:51 p.m.10 views

CVE-2025-14545

The YML for Yandex Market WordPress plugin before 5.0.26 is vulnerable to Remote Code Execution via the feed generation process...

6.5CVSS5.6AI score0.00266EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/10 9:31 a.m.6 views

EUVD-2025-209399

The YML for Yandex Market WordPress plugin before 5.0.26 is vulnerable to Remote Code Execution via the feed generation process...

6.5CVSS6AI score0.00266EPSS
Exploits0References2
NVD
NVD
added 2026/04/10 7:16 a.m.4 views

CVE-2025-14545

The YML for Yandex Market WordPress plugin before 5.0.26 is vulnerable to Remote Code Execution via the feed generation process...

6.5CVSS0.00266EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/10 6:0 a.m.3 views

CVE-2025-14545

The YML for Yandex Market WordPress plugin before 5.0.26 is vulnerable to Remote Code Execution via the feed generation process...

6AI score0.00266EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/10 6:0 a.m.2 views

CVE-2025-14545 YML for Yandex Market < 5.0.26 - Shop Manager+ RCE via Feed Generation

The YML for Yandex Market WordPress plugin before 5.0.26 is vulnerable to Remote Code Execution via the feed generation process...

5.9AI score0.00266EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-17122

Malicious code in bioql PyPI...

6.1CVSS7AI score0.00466EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.9 views

EUVD-2024-49896

Malicious code in bioql PyPI...

6.1CVSS6.5AI score0.00398EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-34888

Malicious code in bioql PyPI...

7.1CVSS7.1AI score0.00382EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 10:38 a.m.8 views

CVE-2024-9378

The YML for Yandex Market plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'page' parameter in all versions up to, and including, 4.7.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary...

6.1CVSS6.4AI score0.00398EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 8:23 a.m.8 views

CVE-2024-1365

The YML for Yandex Market plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the feedid parameter in all versions up to, and including, 4.2.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary...

6.1CVSS6.4AI score0.00466EPSS
Exploits0References1
OSV
OSV
added 2024/10/02 9:15 a.m.5 views

CVE-2024-9378

The YML for Yandex Market plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'page' parameter in all versions up to, and including, 4.7.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary...

6.1CVSS5.9AI score0.00398EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/10/02 12:0 a.m.6 views

PT-2024-39606 · Yandex · Yml For Yandex Market Plugin For Wordpress

Name of the Vulnerable Software and Affected Versions: YML for Yandex Market plugin for WordPress versions up to, and including, 4.7.2 Description: The issue is related to Reflected Cross-Site Scripting via the page parameter due to insufficient input sanitization and output escaping. This allows...

6.1CVSS6.9AI score0.00398EPSS
Exploits0References9
OSV
OSV
added 2024/03/13 4:15 p.m.5 views

CVE-2024-1365

The YML for Yandex Market plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the feedid parameter in all versions up to, and including, 4.2.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary...

6.1CVSS7.4AI score0.00466EPSS
Exploits0References2
OSV
OSV
added 2023/08/16 10:15 a.m.5 views

CVE-2023-30473

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Maxim Glazunov YML for Yandex Market plugin = 3.10.7 versions...

6.1CVSS7.3AI score0.00382EPSS
Exploits0References1
CVE
CVE
added 2023/08/16 9:52 a.m.23 views

CVE-2023-30473

CVE-2023-30473 affects WordPress plugin YML for Yandex Market (author Maxim Glazunov) up to version 3.10.7, with unauthenticated reflected XSS. Patch guidance is to upgrade to 3.10.8 or later. Public sources in connected docs confirm XSS as the vulnerability class and indicate the fix/version. No...

7.1CVSS6AI score0.00382EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder