Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

9 matches found

Cvelist
Cvelistadded 2026/06/09 2:28 a.m.36 views

CVE-2026-7556 FV Flowplayer Video Player <= 7.5.49.7212 - Unauthenticated Stored Cross-Site Scripting via Comment Text

The FV Flowplayer Video Player plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the comment text in all versions up to, and including, 7.5.49.7212 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...

7.2CVSS0.00241EPSS
Exploits0References6
CVE
CVEadded 2026/06/09 2:28 a.m.22 views

CVE-2026-7556

The FV Flowplayer Video Player plugin for WordPress is affected by a Stored Cross-Site Scripting (XSS) vulnerability in all versions up to 7.5.49.7212. The issue arises from insufficient input sanitization and output escaping in comment text, allowing unauthenticated attackers to inject web scrip...

7.2CVSS5.7AI score0.00241EPSS
Exploits0References6
Positive Technologies
Positive Technologiesadded 2026/06/09 12:0 a.m.10 views

PT-2026-47635

Name of the Vulnerable Software and Affected Versions FV Flowplayer Video Player versions prior to 7.5.49.7213 Description The FV Flowplayer Video Player plugin for WordPress contains a Stored Cross-Site Scripting issue caused by insufficient input sanitization and output escaping of comment text...

7.2CVSS5.7AI score0.00241EPSS
Exploits0References9
EUVD
EUVDadded 2025/10/07 12:30 a.m.3 views

EUVD-2006-0789

Malware in sbrugna...

4.3CVSS6.4AI score0.01875EPSS
Exploits1References7
Vulnrichment
Vulnrichmentadded 2024/11/13 2:2 a.m.10 views

CVE-2024-9578 Hide Links <= 1.4.2 - Unauthenticated Shortcode Execution

The Hide Links plugin for WordPress is vulnerable to unauthorized shortcode execution due to doshortcode being hooked through the commenttext filter in all versions up to and including 1.4.2. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes available on the...

5.3CVSS7.7AI score0.00536EPSS
Exploits0References2
Veracode
Veracodeadded 2022/05/27 4:47 a.m.32 views

Cross-Site Scripting (XSS)

@angular/core is vulnerable to cross-site scripting. The vulnerability exists in few methods due to not escaping the comment text which allows an attacker to inject and execute arbitrary javascript...

5.4CVSS3.1AI score0.01053EPSS
Exploits0References6Affected Software5
Prion
Prionadded 2022/04/10 9:15 p.m.18 views

Cross site scripting

A cross-site scripting XSS vulnerability at /ofcms/company-c-47 in OFCMS v1.1.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Comment text box...

3.5CVSS5.3AI score0.00417EPSS
Exploits1References1Affected Software1
OSV
OSVadded 2021/09/30 10:15 p.m.2 views

CVE-2020-20799

JeeCMS 1.0.1 contains a stored cross-site scripting XSS vulnerability which allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the commentText parameter...

5.4CVSS5.9AI score0.00487EPSS
Exploits1References1
0day.today
0day.todayadded 2011/03/17 12:0 a.m.24 views

b2evolution 4.0.3 Persistent XSS Vulnerability

Exploit for php platform in category web applications ------------------------------------------------------------------------ Software................b2evolution 4.0.3 Vulnerability...........Persistent Cross-site Scripting Threat Level............Moderate 2/5...

7.1AI score
Exploits0
Rows per page
Query Builder