Lucene search
K

12 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-50218

Malicious code in bioql PyPI...

9.8CVSS6.6AI score0.00543EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-10813

Malicious code in bioql PyPI...

5.4CVSS6.6AI score0.00196EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/04/13 4:39 p.m.79 views

CVE-2025-32074

Improper Encoding or Escaping of Output vulnerability in The Wikimedia Foundation Mediawiki - Confirm Account Extension allows Cross-Site Scripting XSS.This issue affects Mediawiki - Confirm Account Extension: from 1.39 through 1.43...

10CVSS6.5AI score0.00196EPSS
Exploits0References4
NVD
NVD
added 2025/04/11 5:15 p.m.29 views

CVE-2025-32074

Improper Encoding or Escaping of Output vulnerability in The Wikimedia Foundation Mediawiki - Confirm Account Extension allows Cross-Site Scripting XSS.This issue affects Mediawiki - Confirm Account Extension: from 1.39 through 1.43...

5.4CVSS0.00196EPSS
Exploits0References2
CVE
CVE
added 2025/04/11 4:22 p.m.72 views

CVE-2025-32074

CVE-2025-32074 affects MediaWiki’s Confirm Account Extension (versions 1.39–1.43). The root cause is an improper encoding/escaping of output that enables Cross-Site Scripting (XSS). The available connected sources identify the affected range and the vulnerability class but do not provide exploit ...

5.4CVSS6.2AI score0.00196EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/04/11 4:22 p.m.22 views

CVE-2025-32074 XSSes in Extension:ConfirmAccount

Improper Encoding or Escaping of Output vulnerability in The Wikimedia Foundation Mediawiki - Confirm Account Extension allows Cross-Site Scripting XSS.This issue affects Mediawiki - Confirm Account Extension: from 1.39 through 1.43...

0.00196EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/04/11 12:0 a.m.8 views

PT-2025-16138 · Mediawiki +1 · Mediawiki +1

Name of the Vulnerable Software and Affected Versions: Mediawiki - Confirm Account Extension versions 1.39 through 1.43 Description: The issue is related to improper encoding or escaping of output, which enables Cross-Site Scripting XSS in the Mediawiki - Confirm Account Extension. This is due to...

5.4CVSS5.5AI score0.00196EPSS
Exploits0References9
CNNVD
CNNVD
added 2025/04/11 12:0 a.m.3 views

MediaWiki 安全漏洞

MediaWiki is a suite of free and freely available web-based Wiki engines from the Wikimedia USA Foundation. The product can be used to deploy internal knowledge management and content management systems. MediaWiki - A security vulnerability exists in Confirm Account Extension versions 1.39 throug...

5.4CVSS6AI score0.00196EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/02/05 4:36 a.m.7 views

CVE-2024-9930

The Extensions by HocWP Team plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 0.2.3.2. This is due to missing validation on the user being supplied in the 'verifyemail' action. This makes it possible for unauthenticated attackers to log in as any...

9.8CVSS7.1AI score0.00543EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/10/26 1:58 a.m.9 views

CVE-2024-9930 Extensions by HocWP Team <= 0.2.3.2 - Authentication Bypass

The Extensions by HocWP Team plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 0.2.3.2. This is due to missing validation on the user being supplied in the 'verifyemail' action. This makes it possible for unauthenticated attackers to log in as any...

9.8CVSS7.1AI score0.00543EPSS
Exploits0References2
CVE
CVE
added 2024/10/26 1:58 a.m.44 views

CVE-2024-9930

CVE-2024-9930 (Extensions by HocWP Team, WordPress) is an authentication bypass vulnerability in the Account extension of the plugin, affecting versions up to and including 0.2.3.2. The issue arises from missing validation on the user supplied to the verify_email action, enabling unauthenticated ...

9.8CVSS9.7AI score0.00543EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/10/26 1:58 a.m.20 views

CVE-2024-9930 Extensions by HocWP Team <= 0.2.3.2 - Authentication Bypass

The Extensions by HocWP Team plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 0.2.3.2. This is due to missing validation on the user being supplied in the 'verifyemail' action. This makes it possible for unauthenticated attackers to log in as any...

9.8CVSS0.00543EPSS
Exploits0References2
Rows per page
Query Builder