Lucene search
K

166 matches found

CNNVD
CNNVD
added 2023/11/20 12:0 a.m.3 views

WordPress Plugin Magic Embeds Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, which supports personal blog sites on PHP and MySQL servers.WordPress plugin is an...

5.4CVSS8.6AI score0.00426EPSS
Exploits2References3
CNNVD
CNNVD
added 2023/11/20 12:0 a.m.7 views

WordPress Plugin Bonus for Woo Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blog sites on PHP and MySQL servers.WordPress plugin is an...

6.1CVSS8.6AI score0.00444EPSS
Exploits2References2
CNNVD
CNNVD
added 2023/11/20 12:0 a.m.4 views

WordPress Plugin WP Post Popup Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...

4.8CVSS8.9AI score0.00425EPSS
Exploits2References2
SUSE CVE
SUSE CVE
added 2023/08/30 2:14 a.m.4 views

SUSE CVE-2023-41359

An issue was discovered in FRRouting FRR through 9.0. There is an out-of-bounds read in bgpattraigpvalid in bgpd/bgpattr.c because there is no check for the availability of two bytes during AIGP validation...

5.9CVSS7AI score0.0096EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/08/30 12:0 a.m.4 views

WordPress plugin Slimstat Analytics 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blog sites on servers running PHP and MySQL. A cross-site scripting vulnerability exists...

6.4CVSS6.4AI score0.0045EPSS
Exploits0References5
CNNVD
CNNVD
added 2023/08/30 12:0 a.m.5 views

WordPress plugin PostX 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blog sites on servers running PHP and MySQL. A cross-site scripting vulnerability exists...

6.1CVSS6.8AI score0.00427EPSS
Exploits2References2
CNNVD
CNNVD
added 2023/08/29 12:0 a.m.5 views

FRRouting FRR 缓冲区错误漏洞

FRRouting FRR is a suite of software that implements and manages various IPV4 and IPV6 routing protocols. A security vulnerability exists in FRRouting FRR version 9.0 and prior versions, which stems from a failure to check the availability of two bytes during AIGP validation...

9.1CVSS7.4AI score0.0096EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/08/28 12:0 a.m.2 views

PT-2023-9202 · Unknown +4 · Frrouting Frr +4

Name of the Vulnerable Software and Affected Versions: FRRouting FRR versions through 9.0 Description: An issue was discovered in FRRouting FRR, where there is an out-of-bounds read in bgp attr aigp valid in bgpd/bgp attr.c because there is no check for the availability of two bytes during AIGP...

9.8CVSS9AI score0.02152EPSS
Exploits3References75
NVD
NVD
added 2023/07/10 4:15 p.m.30 views

CVE-2023-2964

The Simple Iframe WordPress plugin before 1.2.0 does not properly validate one of its WordPress block attribute's content, which may allow users whose role is at least that of a contributor to conduct Stored Cross-Site Scripting attacks...

5.4CVSS5.3AI score0.00544EPSS
Exploits2References1
OSV
OSV
added 2023/06/05 2:15 p.m.3 views

CVE-2022-4946

The Frontend Post WordPress Plugin WordPress plugin through 2.8.4 does not validate an attribute of one of its shortcode, which could allow users with a role as low as contributor to add a malicious shortcode to a page/post, which will redirect users to an arbitrary domain...

5.4CVSS6.8AI score0.00433EPSS
Exploits2References1
OSV
OSV
added 2023/05/08 2:15 p.m.3 views

CVE-2023-0526

The Post Shortcode WordPress plugin through 2.0.9 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

5.4CVSS7.3AI score0.00448EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2023/05/08 1:58 p.m.11 views

CVE-2023-0537 Product Slider For WooCommerce Lite <= 1.1.7 - Contributor+ Stored XSS

The Product Slider For WooCommerce Lite WordPress plugin through 1.1.7 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site...

5.3AI score0.00503EPSS
Exploits2References1
OSV
OSV
added 2023/03/28 7:49 p.m.6 views

USN-5982-1 linux, linux-aws, linux-aws-5.15, linux-azure, linux-azure-5.15, linux-azure-fde, linux-gcp, linux-gcp-5.15, linux-gkeop, linux-hwe-5.15, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-oracle, linux-oracle-5.15, linux-raspi vulnerabilities

It was discovered that the KVM VMX implementation in the Linux kernel did not properly handle indirect branch prediction isolation between L1 and L2 VMs. An attacker in a guest VM could use this to expose sensitive information from the host OS or other guest VMs. CVE-2022-2196 It was discovered...

8.8CVSS7.2AI score0.71737EPSS
Exploits7References16
OSV
OSV
added 2023/03/27 4:15 p.m.6 views

CVE-2023-1069

The Complianz WordPress plugin before 6.4.2, Complianz Premium WordPress plugin before 6.4.2 do not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform...

5.4CVSS6.7AI score0.00558EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2023/03/20 8:43 a.m.35 views

CVE-2022-48424

In the Linux kernel before 6.1.3, fs/ntfs3/inode.c does not validate the attribute name offset. An unhandled page fault may occur...

7CVSS7.6AI score0.00266EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2023/03/20 8:43 a.m.53 views

CVE-2022-48423

In the Linux kernel before 6.1.3, fs/ntfs3/record.c does not validate resident attribute names. An out-of-bounds write may occur...

7CVSS7.7AI score0.00266EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/03/20 12:0 a.m.5 views

PT-2023-16131 · WordPress · Custom Content Shortcode

Name of the Vulnerable Software and Affected Versions: Custom Content Shortcode WordPress plugin versions 4.0.2 and earlier Description: The issue concerns the Custom Content Shortcode WordPress plugin, which does not properly validate and escape some of its shortcode attributes before outputting...

5.4CVSS8.3AI score0.00444EPSS
Exploits1References5
NVD
NVD
added 2023/03/19 3:15 a.m.33 views

CVE-2022-48424

In the Linux kernel before 6.1.3, fs/ntfs3/inode.c does not validate the attribute name offset. An unhandled page fault may occur...

7.8CVSS7.4AI score0.00266EPSS
Exploits0References3
Prion
Prion
added 2023/03/19 3:15 a.m.24 views

Default configuration

In the Linux kernel before 6.1.3, fs/ntfs3/inode.c does not validate the attribute name offset. An unhandled page fault may occur...

4.3CVSS7.2AI score0.00266EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2023/03/19 12:0 a.m.27 views

CVE-2022-48424

In the Linux kernel before 6.1.3, fs/ntfs3/inode.c does not validate the attribute name offset. An unhandled page fault may occur...

7.6AI score0.00266EPSS
Exploits0References3
Rows per page
Query Builder