Lucene search
+L

82 matches found

CVE
CVE
added 3 days ago8 views

CVE-2026-11390

Vulnerability summary (CVE-2026-11390): News Kit Addons For Elementor (WordPress) versions up to 1.4.6 are affected by a stored cross-site scripting (XSS) flaw in the Site Logo Title and Single Author Box widgets. The root cause is insufficient input sanitization and output escaping. Exploitation...

6.4CVSS6.2AI score0.00252EPSS
Exploits0References9
EUVD
EUVD
added 3 days ago5 views

EUVD-2026-43611

The News Kit Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Site Logo Title and Single Author Box Widgets in all versions up to, and including, 1.4.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...

6.4CVSS6.2AI score0.00252EPSS
Exploits0References9
Cvelist
Cvelist
added 3 days ago28 views

CVE-2026-11390 News Kit Addons For Elementor <= 1.4.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via Site Logo Title and Single Author Box Widgets

The News Kit Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Site Logo Title and Single Author Box Widgets in all versions up to, and including, 1.4.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...

6.4CVSS0.00252EPSS
Exploits0References9
NVD
NVD
added 4 days ago3 views

CVE-2026-57420

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Netrr Author Box WP Lens author-box-for-divi allows Stored XSS.This issue affects Author Box WP Lens: from n/a through = 2.1.5...

6.5CVSS0.00161EPSS
Exploits0References1
Cvelist
Cvelist
added 4 days ago29 views

CVE-2026-57420 WordPress Author Box WP Lens plugin <= 2.1.5 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Netrr Author Box WP Lens author-box-for-divi allows Stored XSS.This issue affects Author Box WP Lens: from n/a through = 2.1.5...

6.5CVSS0.00161EPSS
Exploits0References1
CVE
CVE
added 4 days ago10 views

CVE-2026-57420

CVE-2026-57420 concerns a Stored XSS in the WordPress plugin Author Box WP Lens (component: author-box-for-divi). The vulnerability arises from improper neutralization of input during web page generation, enabling stored cross-site scripting. Affected range is WordPress users running versions

6.5CVSS6.1AI score0.00161EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/07/08 1:41 p.m.5 views

WordPress Author Box WP Lens plugin <= 2.1.5 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by ParkHyunWoo in WordPress Plugin Author Box WP Lens versions = 2.1.5...

6.5CVSS6.1AI score0.00161EPSS
Exploits0Affected Software1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-13864

Malicious code in bioql PyPI...

4.3CVSS6.2AI score0.0014EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2023-43619

Malicious code in bioql PyPI...

5.9CVSS6.4AI score0.00386EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-43173

Malicious code in bioql PyPI...

4.8CVSS5AI score0.00501EPSS
Exploits2References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-8367

Malicious code in bioql PyPI...

5.3CVSS9AI score0.00447EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-28034

Malicious code in bioql PyPI...

6.5CVSS7.3AI score0.00169EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-27948

Malicious code in bioql PyPI...

4.3CVSS6.2AI score0.00128EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:41 a.m.7 views

CVE-2023-39921

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Molongui Author Box, Guest Author and Co-Authors for Your Posts – Molongui allows Stored XSS.This issue affects Author Box, Guest Author and Co-Authors for Your Posts – Molongui: from n/a through...

5.9CVSS6.5AI score0.00386EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:41 a.m.14 views

CVE-2023-39164

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Molongui Author Box for Authors, Co-Authors, Multiple Authors and Guest Authors – Molongui plugin = 4.6.19 versions...

7.1CVSS6AI score0.00331EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:13 p.m.8 views

CVE-2022-3833

The Fancier Author Box by ThematoSoup WordPress plugin through 1.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite...

4.8CVSS5.6AI score0.00501EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:23 p.m.7 views

CVE-2021-24745

The About Author Box WordPress plugin before 1.0.2 does not sanitise and escape the Social Profiles field values before outputting them in attributes, which could allow user with a role as low as contributor to perform Cross-Site Scripting attacks...

5.4CVSS6.1AI score0.00604EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/21 5:19 p.m.9 views

CVE-2025-46263

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Lloyd Saunders Author Box After Posts author-box-after-posts allows Stored XSS.This issue affects Author Box After Posts: from n/a through = 1.6...

6.5CVSS7.2AI score0.00169EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/21 5:19 p.m.8 views

CVE-2025-39371

Cross-Site Request Forgery CSRF vulnerability in Sanjeev Mohindra Author Box Plugin With Different Description author-box-with-different-description allows Cross Site Request Forgery.This issue affects Author Box Plugin With Different Description: from n/a through = 1.3.5...

4.3CVSS7.2AI score0.00128EPSS
Exploits0References1
NVD
NVD
added 2025/05/19 5:15 p.m.23 views

CVE-2025-46263

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Lloyd Saunders Author Box After Posts author-box-after-posts allows Stored XSS.This issue affects Author Box After Posts: from n/a through = 1.6...

6.5CVSS0.00169EPSS
Exploits0References1
Rows per page
Query Builder