Lucene search
K

9 matches found

CVE
CVE
added 2025/12/24 12:31 p.m.14 views

CVE-2025-68525

CVE-2025-68525 targets the WordPress Category Icon plugin (versions up to and including 1.0.2). The root cause is improper input neutralization during web-page generation, leading to Stored Cross-Site Scripting (XSS). Affected product/component: WordPress Category Icon category-icon feature; impa...

5.9CVSS5.6AI score0.00148EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-25366

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.00319EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/18 4:3 p.m.17 views

CVE-2025-31915

Cross-Site Request Forgery CSRF vulnerability in kamleshyadav Pixel WordPress Form BuilderPlugin & Autoresponder pixel-formbuilder allows Cross Site Request Forgery.This issue affects Pixel WordPress Form BuilderPlugin & Autoresponder: from n/a through = 1.0.3...

5.4CVSS7.2AI score0.00132EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/01/02 12:0 a.m.2 views

PT-2025-1543 · Unknown · Dragfy Addons For Elementor

Name of the Vulnerable Software and Affected Versions: Dragfy Addons for Elementor versions 1.0.2 and earlier Description: The issue is related to a Missing Authorization vulnerability, which allows exploiting incorrectly configured access control security levels. Recommendations: For Dragfy Addo...

5.4CVSS8.6AI score0.00367EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/12/07 12:0 a.m.3 views

PT-2024-17016 · WordPress · Easy Code Snippets

Name of the Vulnerable Software and Affected Versions: Easy Code Snippets plugin for WordPress versions up to, and including, 1.0.2 Description: The issue is related to Reflected Cross-Site Scripting via the page parameter due to insufficient input sanitization and output escaping. This allows...

6.1CVSS6.9AI score0.00285EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2024/05/03 12:0 a.m.7 views

PT-2024-24884 · Shortpixel · Shortpixel Critical Css

Name of the Vulnerable Software and Affected Versions: ShortPixel Critical CSS versions 1.0.2 and earlier Description: The issue is related to a Missing Authorization vulnerability in ShortPixel Critical CSS. This vulnerability affects the software by allowing unauthorized access due to the lack ...

7.6CVSS6.5AI score0.00431EPSS
Exploits0References4
OSV
OSV
added 2023/12/20 4:15 p.m.4 views

CVE-2023-31092

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Foxskav Easy Bet.This issue affects Easy Bet: from n/a through 1.0.2...

8.1CVSS7.3AI score0.0057EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/09/22 12:0 a.m.6 views

PT-2023-27751 · Unknown · Juplink Rx4-1500

Name of the Vulnerable Software and Affected Versions: Juplink RX4-1500 versions V1.0.2 through V1.0.5 Description: The issue allows remote authenticated attackers to execute commands via specially crafted requests to the vulnerable endpoint "homemng.htm". This enables attackers to inject command...

8.8CVSS8.6AI score0.0174EPSS
Exploits0References6
vulnersOsv
vulnersOsv
added 2020/09/03 8:25 p.m.5 views

12g (=0.0.27), 402 (>=0.0.2 <=0.1.1) +994 more potentially affected by unknown CVE via sequelize (>=1.0.2 <=4.44.3)

sequelize NPM version =1.0.2, =0.0.2, =1.16.1, =1.16.0, =1.16.0, =1.16.0, =1.16.0, =0.0.1, =1.1.7, =0.0.1, =1.0.0, =4.0.2, =5.2.3 and more Source cves: unknown CVE Source advisory: OSV:GHSA-FW4P-36J9-RRJ3...

5.7AI score
Exploits0
Rows per page
Query Builder