Lucene search
K

119 matches found

CNNVD
CNNVD
added 2026/04/24 12:0 a.m.10 views

WordPress plugin BetterDocs 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

4.3CVSS5.8AI score0.0027EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/04/23 2:45 p.m.7 views

WordPress BetterDocs – Knowledge Base Docs & FAQ Solution for Elementor & Block Editor plugin <= 4.3.11 - Missing Authorization to Authenticated (Subscriber+) Unauthorized AI API Usage vulnerability

Missing Authorization to Authenticated Subscriber+ Unauthorized AI API Usage vulnerability discovered by h0xilo in WordPress Plugin BetterDocs versions = 4.3.11...

4.3CVSS5.8AI score0.0027EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2026/04/16 9:31 a.m.6 views

EUVD-2026-23209

The BetterDocs plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'betterdocsfeedbackform' shortcode in all versions up to, and including, 4.3.8. This is due to insufficient input sanitization and output escaping on user supplied shortcode attributes. This makes it possible...

6.4CVSS5.9AI score0.00218EPSS
Exploits0References3
NVD
NVD
added 2026/04/16 7:16 a.m.7 views

CVE-2026-3875

The BetterDocs plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'betterdocsfeedbackform' shortcode in all versions up to, and including, 4.3.8. This is due to insufficient input sanitization and output escaping on user supplied shortcode attributes. This makes it possible...

6.4CVSS0.00218EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/04/16 6:44 a.m.3 views

CVE-2026-3875 BetterDocs <= 4.3.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes

The BetterDocs plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'betterdocsfeedbackform' shortcode in all versions up to, and including, 4.3.8. This is due to insufficient input sanitization and output escaping on user supplied shortcode attributes. This makes it possible...

6.4CVSS5.9AI score0.00218EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/04/16 6:44 a.m.37 views

CVE-2026-3875 BetterDocs <= 4.3.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes

The BetterDocs plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'betterdocsfeedbackform' shortcode in all versions up to, and including, 4.3.8. This is due to insufficient input sanitization and output escaping on user supplied shortcode attributes. This makes it possible...

6.4CVSS0.00218EPSS
Exploits0References2
CVE
CVE
added 2026/04/16 6:44 a.m.10 views

CVE-2026-3875

The BetterDocs WordPress plugin is vulnerable to Stored Cross-Site Scripting via the betterdocs_feedback_form shortcode attributes in all versions up to 4.3.8. The root cause is insufficient input sanitization and output escaping on user-supplied shortcode attributes, allowing authenticated attac...

6.4CVSS5.9AI score0.00218EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/04/16 6:44 a.m.7 views

CVE-2026-3875

The BetterDocs plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'betterdocsfeedbackform' shortcode in all versions up to, and including, 4.3.8. This is due to insufficient input sanitization and output escaping on user supplied shortcode attributes. This makes it possible...

6.4CVSS5.9AI score0.00218EPSS
Exploits0References3
Patchstack
Patchstack
added 2026/04/16 3:21 a.m.8 views

WordPress BetterDocs plugin <= 4.3.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Shortcode Attributes vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin BetterDocs versions = 4.3.8...

6.4CVSS5.8AI score0.00218EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2026/04/16 12:0 a.m.10 views

WordPress plugin BetterDocs 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

6.4CVSS5.6AI score0.00218EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/16 12:0 a.m.11 views

PT-2026-33277

The BetterDocs plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'betterdocs feedback form' shortcode in all versions up to, and including, 4.3.8. This is due to insufficient input sanitization and output escaping on user supplied shortcode attributes. This makes it possib...

6.4CVSS5.9AI score0.00218EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/01/13 10:53 p.m.7 views

CVE-2025-14980

The BetterDocs plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.3.3 via the scripts function. This makes it possible for authenticated attackers, with contributor-level access and above, to extract sensitive data including the OpenAI API...

6.5CVSS5.7AI score0.00321EPSS
Exploits0References1
NVD
NVD
added 2026/01/09 7:16 a.m.6 views

CVE-2025-14980

The BetterDocs plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.3.3 via the scripts function. This makes it possible for authenticated attackers, with contributor-level access and above, to extract sensitive data including the OpenAI API...

6.5CVSS0.00321EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/01/09 6:34 a.m.4 views

CVE-2025-14980 BetterDocs <= 4.3.3 - Authenticated (Contributor+) Sensitive Information Exposure

The BetterDocs plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.3.3 via the scripts function. This makes it possible for authenticated attackers, with contributor-level access and above, to extract sensitive data including the OpenAI API...

6.5CVSS5.3AI score0.00321EPSS
Exploits0References3
CVE
CVE
added 2026/01/09 6:34 a.m.23 views

CVE-2025-14980

The CVE-2025-14980 entry concerns BetterDocs – Knowledge Base Documentation & FAQ Solution for Elementor & Block Editor for WordPress. Affected versions: all up to and including 4.3.3. Vulnerability type: Authenticated Sensitive Information Exposure via scripts() function, enabling an attacker wi...

6.5CVSS5.3AI score0.00321EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/01/09 6:34 a.m.23 views

CVE-2025-14980 BetterDocs <= 4.3.3 - Authenticated (Contributor+) Sensitive Information Exposure

The BetterDocs plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.3.3 via the scripts function. This makes it possible for authenticated attackers, with contributor-level access and above, to extract sensitive data including the OpenAI API...

6.5CVSS0.00321EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/01/09 12:0 a.m.7 views

WordPress plugin BetterDocs 信息泄露漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. An information...

6.5CVSS5.7AI score0.00321EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/01/09 12:0 a.m.7 views

PT-2026-1762

Name of the Vulnerable Software and Affected Versions BetterDocs versions prior to 4.3.4 Description The BetterDocs plugin for WordPress is susceptible to sensitive information exposure through the scripts function. Authenticated attackers with contributor-level access or higher can potentially...

6.5CVSS6AI score0.00321EPSS
Exploits0References5
Patchstack
Patchstack
added 2026/01/08 10:40 p.m.5 views

WordPress BetterDocs plugin <= 4.3.3 - Authenticated (Contributor+) Sensitive Information Exposure vulnerability

Authenticated Contributor+ Sensitive Information Exposure vulnerability discovered by Dmitrii Ignatyev - CleanTalk Inc in WordPress Plugin BetterDocs versions = 4.3.3...

6.5CVSS6.9AI score0.00321EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2026/01/07 9:15 a.m.9 views

CVE-2024-2845

The BetterDocs – Best Documentation, FAQ & Knowledge Base Plugin with AI Support & Instant Answer For Elementor & Gutenberg plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in all versions up to, and including, 3.4.2 due to insufficient input...

6.4CVSS5.8AI score0.00353EPSS
Exploits0References1
Rows per page
Query Builder