Lucene search
K

19 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2024-46014

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.00234EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-28362

Malicious code in bioql PyPI...

6.5CVSS6.4AI score0.00192EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/06/23 8:40 a.m.6 views

CVE-2025-50037

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Buying Buddy Buying Buddy IDX CRM buying-buddy-idx-crm allows DOM-Based XSS.This issue affects Buying Buddy IDX CRM: from n/a through = 2.3.0...

6.5CVSS5.9AI score0.00192EPSS
Exploits0References1
NVD
NVD
added 2025/06/20 3:15 p.m.9 views

CVE-2025-50037

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Buying Buddy Buying Buddy IDX CRM buying-buddy-idx-crm allows DOM-Based XSS.This issue affects Buying Buddy IDX CRM: from n/a through = 2.3.0...

6.5CVSS0.00192EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/06/20 3:3 p.m.9 views

CVE-2025-50037 WordPress Buying Buddy IDX CRM plugin <= 2.3.0 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Buying Buddy Buying Buddy IDX CRM buying-buddy-idx-crm allows DOM-Based XSS.This issue affects Buying Buddy IDX CRM: from n/a through = 2.3.0...

6.5CVSS0.00192EPSS
Exploits0References1
CVE
CVE
added 2025/06/20 3:3 p.m.20 views

CVE-2025-50037

CVE-2025-50037 is a DOM-based Cross‑Site Scripting vulnerability in the WordPress plugin Buying Buddy IDX CRM (versions through 2.3.0). The issue arises from improper neutralization of input during web page generation, enabling arbitrary scripts to run in a victim’s browser. Impact per sources: p...

6.5CVSS5.9AI score0.00192EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/06/20 3:3 p.m.5 views

CVE-2025-50037 WordPress Buying Buddy IDX CRM plugin <= 2.3.0 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Buying Buddy Buying Buddy IDX CRM allows DOM-Based XSS. This issue affects Buying Buddy IDX CRM: from n/a through 2.3.0...

6.5CVSS6.5AI score0.00192EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/06/20 12:0 a.m.5 views

PT-2025-26390 · Unknown · Buying Buddy Idx Crm

Name of the Vulnerable Software and Affected Versions: Buying Buddy IDX CRM versions through 2.3.0 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows DOM-Based XSS. This enables potential attackers to...

6.5CVSS6AI score0.00192EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/06/20 12:0 a.m.2 views

WordPress plugin Buying Buddy IDX CRM 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. The WordPress Buying Buddy IDX CRM plugin suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering and escaping of...

6.5CVSS6AI score0.00192EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/06/19 4:25 p.m.6 views

WordPress Buying Buddy IDX CRM plugin <= 2.3.0 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by Peter Thaleikis in WordPress Plugin Buying Buddy IDX CRM versions = 2.3.0...

6.5CVSS5.9AI score0.00192EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2025/02/05 12:21 p.m.4 views

CVE-2024-52446

Cross-Site Request Forgery CSRF vulnerability in Buying Buddy Buying Buddy IDX CRM buying-buddy-idx-crm allows Object Injection.This issue affects Buying Buddy IDX CRM: from n/a through = 1.2.8...

8.8CVSS7.2AI score0.00234EPSS
Exploits0References1
NVD
NVD
added 2024/11/20 12:15 p.m.12 views

CVE-2024-52446

Cross-Site Request Forgery CSRF vulnerability in Buying Buddy Buying Buddy IDX CRM buying-buddy-idx-crm allows Object Injection.This issue affects Buying Buddy IDX CRM: from n/a through = 1.2.8...

8.8CVSS0.00234EPSS
Exploits0References1
CVE
CVE
added 2024/11/20 11:10 a.m.49 views

CVE-2024-52446

CVE-2024-52446 is a CSRF to PHP Object Injection vulnerability affecting the Buying Buddy IDX CRM WordPress plugin (affected: &lt;= 1.1.12). The core issue is CSRF-enabled object injection, enabling an attacker to trigger unintended object deserialization via forged requests. Public references fr...

8.8CVSS7.2AI score0.00234EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/11/20 11:10 a.m.9 views

CVE-2024-52446 WordPress Buying Buddy IDX CRM plugin <= 1.1.12 - CSRF to PHP Object Injection vulnerability

Cross-Site Request Forgery CSRF vulnerability in Buying Buddy Buying Buddy IDX CRM allows Object Injection.This issue affects Buying Buddy IDX CRM: from n/a through 1.1.12...

8.8CVSS7AI score0.00234EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/11/20 11:10 a.m.24 views

CVE-2024-52446 WordPress Buying Buddy IDX CRM plugin <= 1.2.8 - CSRF to PHP Object Injection vulnerability

Cross-Site Request Forgery CSRF vulnerability in Buying Buddy Buying Buddy IDX CRM buying-buddy-idx-crm allows Object Injection.This issue affects Buying Buddy IDX CRM: from n/a through = 1.2.8...

8.8CVSS0.00234EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/11/20 12:0 a.m.2 views

WordPress plugin Buying Buddy IDX CRM 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...

8.8CVSS8.1AI score0.00234EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/11/20 12:0 a.m.2 views

PT-2024-35286 · Unknown · Buying Buddy Idx Crm

Name of the Vulnerable Software and Affected Versions: Buying Buddy IDX CRM versions 1.1.12 and earlier Description: The issue is a Cross-Site Request Forgery CSRF vulnerability that allows Object Injection in Buying Buddy IDX CRM. Recommendations: For versions 1.1.12 and earlier, update to a...

8.8CVSS9.6AI score0.00234EPSS
Exploits0References5
Patchstack
Patchstack
added 2024/11/18 9:12 a.m.2 views

WordPress Buying Buddy IDX CRM plugin <= 1.2.8 - CSRF to PHP Object Injection vulnerability

CSRF to PHP Object Injection vulnerability discovered by Mika Patchstack Alliance in WordPress Plugin Buying Buddy IDX CRM versions = 1.2.8...

8.8CVSS7.3AI score0.00234EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/11/18 12:0 a.m.13 views

WordPress Buying Buddy IDX CRM Plugin <= 1.1.12 is vulnerable to Cross Site Request Forgery (CSRF)

Software Buying Buddy IDX CRM Type Plugin Vulnerable versions = 1.1.12 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-52446 Patch priority Low CVSS severity Low 8.8 Developer Claim ownership PSID 6670b1d35a14 Credits Mika Required...

8.8CVSS6.7AI score0.00234EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder