Lucene search
+L

54 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-34024

Malicious code in bioql PyPI...

6.1CVSS8.8AI score0.00443EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2023-36375

Malicious code in bioql PyPI...

7.1CVSS7AI score0.00396EPSS
Exploits0References1
CVE
CVE
added 2025/09/22 6:24 p.m.10 views

CVE-2025-57947

CVE-2025-57947 is a DOM-based XSS in the Photo Gallery by Ays – Responsive Image Gallery WordPress plugin. The initial description notes improper input neutralization during web page generation. Connected docs corroborate target: Photo Gallery by Ays; affected versions listed as

6.5CVSS5.9AI score0.00258EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:50 a.m.7 views

CVE-2023-32107

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Photo Gallery Team Photo Gallery by Ays – Responsive Image Gallery plugin = 5.1.3 versions...

7.1CVSS5.8AI score0.00396EPSS
Exploits0References1
CVE
CVE
added 2025/04/17 3:48 p.m.40 views

CVE-2025-27285

CVE-2025-27285 is a reflected XSS in WordPress plugin Easy Form by AYS, caused by improper input neutralization during web page generation. Affected: Easy Form by AYS (versions n/a–2.6.9). Impact per sources: potential user-facing cross-site scripting with HIGH severities (CVSS v3.1 ~7.1). Mitiga...

7.1CVSS7.2AI score0.00257EPSS
Exploits0References1
NVD
NVD
added 2024/11/28 9:15 a.m.29 views

CVE-2024-11458

The FAQ Builder AYS plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'aysfaqtab' parameter in all versions up to, and including, 1.7.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary w...

6.1CVSS0.00443EPSS
Exploits0References4
CVE
CVE
added 2024/11/28 8:47 a.m.55 views

CVE-2024-11458

CVE-2024-11458 affects the WordPress plugin FAQ Builder AYS (versions ≤ 1.7.1). The vulnerability is a Reflected Cross-Site Scripting via the ays_faq_tab parameter caused by insufficient input sanitization and output escaping. Exploitation requires user interaction (e.g., tricking a user into cli...

6.1CVSS6AI score0.00443EPSS
Exploits0References4
Patchstack
Patchstack
added 2024/09/27 7:51 a.m.10 views

WordPress AI Assistant with ChatGPT by AYS plugin <= 2.0.9 - Unauthenticated AJAX Calls vulnerability

Unauthenticated AJAX Calls vulnerability discovered by Kieran Burge in WordPress Plugin AI ChatBot with ChatGPT and Content Generator by AYS versions = 2.0.9...

7.5CVSS7AI score0.00848EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2024/09/27 7:50 a.m.6 views

WordPress AI Chatbot with ChatGPT by AYS plugin <= 2.0.9 - Unauthenticated OpenAI Key Disclosure vulnerability

Unauthenticated OpenAI Key Disclosure vulnerability discovered by Kieran Burge in WordPress Plugin AI ChatBot with ChatGPT and Content Generator by AYS versions = 2.0.9...

7.5CVSS7AI score0.00305EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/09/27 12:0 a.m.19 views

WordPress AI ChatBot with ChatGPT and Content Generator by AYS Plugin <= 2.0.9 is vulnerable to Sensitive Data Exposure

Software AI ChatBot with ChatGPT and Content Generator by AYS Type Plugin Vulnerable versions = 2.0.9 Fixed in 2.1.0 OWASP Top 10 A4: Insecure Design Classification Sensitive Data Exposure CVE CVE-2024-7713 Patch priority Low CVSS severity Low 5.8 Developer Claim ownership PSID 5f8161e14afa Credi...

7.5CVSS6.6AI score0.00305EPSS
Exploits0References4Affected Software1
Patchstack
Patchstack
added 2024/06/28 1:32 p.m.5 views

WordPress Photo Gallery by Ays plugin < 5.7.1 - HTML Injection vulnerability

HTML Injection vulnerability discovered by Ibnu Ubaeydillah Patchstack Alliance in WordPress Plugin Photo Gallery by Ays versions 5.7.1...

5.5CVSS7.2AI score0.00354EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/06/28 12:0 a.m.19 views

WordPress Photo Gallery by Ays Plugin < 5.7.1 is vulnerable to Content Injection

Software Photo Gallery by Ays Type Plugin Vulnerable versions 5.7.1 Fixed in 5.7.1 OWASP Top 10 A3: Injection Classification Content Injection CVE CVE-2024-37442 Patch priority Low CVSS severity Low 3.8 Developer Claim ownership PSID 76b249292f10 Credits Ibnu Ubaeydillah Required privilege...

5.5CVSS6.9AI score0.00354EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2024/03/27 12:0 a.m.6 views

WordPress Plugin Photo Gallery by Ays 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

7.1CVSS7AI score0.00394EPSS
Exploits0References2
Patchstack
Patchstack
added 2024/03/25 12:0 a.m.9 views

WordPress Photo Gallery by Ays Plugin <= 5.5.2 is vulnerable to Cross Site Scripting (XSS)

Software Photo Gallery by Ays Type Plugin Vulnerable versions = 5.5.2 Fixed in 5.5.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-29919 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 1347875f8607 Credits Majed Refaea Required...

7.1CVSS6.8AI score0.00394EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2023/10/03 11:14 a.m.12 views

CVE-2023-39917 WordPress Photo Gallery by Ays Plugin <= 5.2.6 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in Photo Gallery Team Photo Gallery by Ays – Responsive Image Gallery plugin = 5.2.6 versions...

4.3CVSS7.1AI score0.00214EPSS
Exploits0References1
OSV
OSV
added 2023/08/23 2:15 p.m.7 views

CVE-2023-32498

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Easy Form team Easy Form by AYS plugin = 1.2.0 versions...

4.8CVSS7.3AI score0.00369EPSS
Exploits0References1
NVD
NVD
added 2023/08/23 2:15 p.m.23 views

CVE-2023-32498

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Easy Form team Easy Form by AYS plugin = 1.2.0 versions...

5.9CVSS5.4AI score0.00369EPSS
Exploits0References1
Prion
Prion
added 2023/08/23 2:15 p.m.20 views

Cross site scripting

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Easy Form team Easy Form by AYS plugin = 1.2.0 versions...

4.3CVSS4.8AI score0.00369EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/08/23 1:48 p.m.45 views

CVE-2023-32498

CVE-2023-32498 : WordPress plugin Easy Form by AYS, affected versions ≤ 1.2.0, suffers a stored XSS vulnerability that requires administrator privileges. Patch available in version 1.2.1; update to 1.2.1 or later to fix.

5.9CVSS5AI score0.00369EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/08/23 1:48 p.m.34 views

CVE-2023-32498 WordPress Easy Form by AYS Plugin <= 1.2.0 is vulnerable to Cross Site Scripting (XSS)

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Easy Form team Easy Form by AYS plugin = 1.2.0 versions...

5.9CVSS5.5AI score0.00369EPSS
Exploits0References1
Rows per page
Query Builder