Lucene search
K

3661 matches found

EUVD
EUVD
added 3 days ago8 views

EUVD-2026-41470

The weDocs: AI Powered Knowledge Base, Docs, Documentation, Wiki & AI Chatbot plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'sectionTitleTag' and 'articleTitleTag' Block Attributes in all versions up to, and including, 2.3.0 due to insufficient input sanitization and outpu...

6.4CVSS5.9AI score0.00206EPSS
Exploits0References5
CVE
CVE
added 3 days ago11 views

CVE-2026-12731

The CVE-2026-12731 entry concerns the weDocs WordPress plugin (Docs, Documentation, Wiki & AI Chatbot). Affected: all versions up to 2.3.0. Issue: Stored Cross-Site Scripting via the Block Attributes sectionTitleTag and articleTitleTag, caused by insufficient input sanitization and output escapin...

6.4CVSS5.9AI score0.00206EPSS
Exploits0References5
NVD
NVD
added 2026/06/25 4:16 p.m.5 views

CVE-2026-48940

A Joomla user with K2 "create item" rights Author tier by default can submit an article whose embedVideo POST field contains a raw tag; K2 stores it verbatim and renders it unescaped to any visitor of the article page...

3.4CVSS0.00167EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 3:26 p.m.4 views

EUVD-2026-39445

A Joomla user with K2 "create item" rights Author tier by default can submit an article whose embedVideo POST field contains a raw tag; K2 stores it verbatim and renders it unescaped to any visitor of the article page...

3.4CVSS5.9AI score0.00167EPSS
Exploits0References1
Microsoft Security Update
Microsoft Security Update
added 2026/06/09 5:0 p.m.20 views

2026-06 Dynamic Cumulative Update for Windows 10 Version 21H2 for x86-based Systems (KB5094127)

ComponentUpdate: A security issue has been identified in a Microsoft software product that could affect your system. You can help protect your system by installing this update from Microsoft. For a complete listing of the issues that are included in this update, see the associated Microsoft...

5.4AI score
Exploits0
Microsoft Security Update
Microsoft Security Update
added 2026/06/09 5:0 p.m.18 views

2026-06 Cumulative Update for Windows 10 Version 22H2 for x86-based Systems (KB5094127)

A security issue has been identified in a Microsoft software product that could affect your system. You can help protect your system by installing this update from Microsoft. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article...

5.4AI score
Exploits0
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.7 views

WordPress plugin Soliloquy Lite 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

5.4CVSS5.2AI score0.00171EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/01 3:32 a.m.43 views

CVE-2026-48191 Wrong Permission Handling in Document Search Article Meta Filters

An incorrect handling of permissions in STORM powered by OTRS and in OTRS 2026.x and above Document Search Article Meta Filters modules allows gaining knowledge about number of affected CIs, SLA and services without gaining access to them. This issue affects OTRS with STORM modules: 7.0.X 8.0.X...

3.5CVSS0.00143EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/01 3:32 a.m.9 views

CVE-2026-48191

An incorrect handling of permissions in STORM powered by OTRS and in OTRS 2026.x and above Document Search Article Meta Filters modules allows gaining knowledge about number of affected CIs, SLA and services without gaining access to them. This issue affects OTRS with STORM modules: 7.0.X 8.0.X...

3.5CVSS5.8AI score0.00143EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/01 3:32 a.m.20 views

CVE-2026-48191

CVE-2026-48191 affects STORM modules in OTRS (versions 7.0.x, 8.0.x, 2023.x, 2024.x, 2025.x, and 2026.x prior to 2026.4.x). The vulnerability arises from incorrect handling of permissions in Document Search Article Meta Filters, enabling an attacker to learn the number of affected CIs, SLA and se...

3.5CVSS5.8AI score0.00143EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.10 views

OTRS 安全漏洞

OTRS is a service management solution developed by the German company OTRS. Vulnerabilities exist in versions 7.0.X, 8.0.X, 2023.X, 2024.X, 2025.X, and 2026.X of OTRS, as well as versions before 2026.4.X. These vulnerabilities stem from improper handling of permissions in the document search...

3.5CVSS5.3AI score0.00143EPSS
Exploits0References1
NVD
NVD
added 2026/05/29 7:16 p.m.16 views

CVE-2026-49386

In JetBrains YouTrack before 2026.1.13570 improper access control allowed enumeration of restricted issues and articles on Planning Canvas...

6.5CVSS0.00248EPSS
Exploits0References1
CVE
CVE
added 2026/05/29 6:15 p.m.24 views

CVE-2026-49386

CVE-2026-49386 affects JetBrains YouTrack prior to 2026.1.13570, where an improper access control allows enumeration of restricted issues and articles on Planning Canvas. The issue’s impact is limited to information exposure (enumeration) without indicating broader code execution or data modifica...

6.5CVSS5.8AI score0.00248EPSS
Exploits0References1Affected Software1
Circl
Circl
added 2026/05/28 12:51 p.m.15 views

CVE-2026-48770

creationtimestamp| type| source ---|---|--- 2026-05-28 12:51:30+00:00| seen| https://www.acn.gov.it/portale/w/notepad-poc-pubblici-per-le-cve-2026-48800-cve-2026-48778-e-cve-2026-48770 2026-06-01 04:52:35+00:00| seen| https://infosec.exchange/users/vuldb/statuses/116673056260872400 2026-06-01...

5CVSS5.8AI score0.00258EPSS
Exploits2References6
RedhatCVE
RedhatCVE
added 2026/05/26 8:14 p.m.12 views

CVE-2026-9376

A vulnerability was determined in JPress up to 1.0.3. The affected element is an unknown function of the file /ucenter/article/doWriteSave of the component UCenter Article Submission Endpoint. Executing a manipulation of the argument id/userId can lead to improper authorization. The attack may be...

6.5CVSS6.2AI score0.00252EPSS
Exploits0References1
Snyk
Snyk
added 2026/05/24 1:48 p.m.8 views

Improper Authorization

Overview Affected versions of this package are vulnerable to Improper Authorization via the doWriteSave process in the UCenter Article Submission Endpoint when handling the id or userId arguments. An attacker can gain unauthorized access to or modify articles by sending crafted requests to the...

6.5CVSS6.6AI score0.00252EPSS
Exploits0References2
NVD
NVD
added 2026/05/24 11:16 a.m.13 views

CVE-2026-9376

A vulnerability was determined in JPress up to 1.0.3. The affected element is an unknown function of the file /ucenter/article/doWriteSave of the component UCenter Article Submission Endpoint. Executing a manipulation of the argument id/userId can lead to improper authorization. The attack may be...

6.5CVSS0.00252EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/05/24 10:45 a.m.10 views

CVE-2026-9376 JPress UCenter Article Submission Endpoint doWriteSave improper authorization

A vulnerability was determined in JPress up to 1.0.3. The affected element is an unknown function of the file /ucenter/article/doWriteSave of the component UCenter Article Submission Endpoint. Executing a manipulation of the argument id/userId can lead to improper authorization. The attack may be...

6.5CVSS6.2AI score0.00252EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/24 10:45 a.m.12 views

EUVD-2026-31590

A vulnerability was determined in JPress up to 1.0.3. The affected element is an unknown function of the file /ucenter/article/doWriteSave of the component UCenter Article Submission Endpoint. Executing a manipulation of the argument id/userId can lead to improper authorization. The attack may be...

6.5CVSS6.2AI score0.00252EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/05/24 10:45 a.m.18 views

CVE-2026-9376 JPress UCenter Article Submission Endpoint doWriteSave improper authorization

A vulnerability was determined in JPress up to 1.0.3. The affected element is an unknown function of the file /ucenter/article/doWriteSave of the component UCenter Article Submission Endpoint. Executing a manipulation of the argument id/userId can lead to improper authorization. The attack may be...

6.5CVSS0.00252EPSS
Exploits0References4
Rows per page
Query Builder