Lucene search
K

32231 matches found

NVD
NVD
added 4 days ago9 views

CVE-2026-11798

The Social Share, Social Login and Social Comments Plugin – Super Socializer plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'heateormastodonshare' parameter in all versions up to, and including, 7.14.5 due to insufficient input sanitization and output escaping. This...

6.1CVSS0.00204EPSS
Exploits0References3
CVE
CVE
added 4 days ago12 views

CVE-2026-11798

The CVE concerns the WordPress plugin Social Share, Social Login and Social Comments Plugin – Super Socializer . It is vulnerable to Reflected Cross-Site Scripting via the parameter heateor_mastodon_share in all versions up to and including 7.14.5 , caused by insufficient input sanitization and o...

6.1CVSS6.1AI score0.00204EPSS
Exploits0References3
Cvelist
Cvelist
added 4 days ago33 views

CVE-2026-11798 Social Share, Social Login and Social Comments Plugin <= 7.14.5 - Reflected Cross-Site Scripting via 'heateor_mastodon_share' Parameter

The Social Share, Social Login and Social Comments Plugin – Super Socializer plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'heateormastodonshare' parameter in all versions up to, and including, 7.14.5 due to insufficient input sanitization and output escaping. This...

6.1CVSS0.00204EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 4 days ago6 views

CVE-2026-11798 Social Share, Social Login and Social Comments Plugin <= 7.14.5 - Reflected Cross-Site Scripting via 'heateor_mastodon_share' Parameter

The Social Share, Social Login and Social Comments Plugin – Super Socializer plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'heateormastodonshare' parameter in all versions up to, and including, 7.14.5 due to insufficient input sanitization and output escaping. This...

6.1CVSS6.1AI score0.00204EPSS
Exploits0References3
EUVD
EUVD
added 4 days ago8 views

EUVD-2026-42168

The Social Share, Social Login and Social Comments Plugin – Super Socializer plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'heateormastodonshare' parameter in all versions up to, and including, 7.14.5 due to insufficient input sanitization and output escaping. This...

6.1CVSS6.1AI score0.00204EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 4 days ago6 views

CVE-2026-11798

The Social Share, Social Login and Social Comments Plugin – Super Socializer plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'heateormastodonshare' parameter in all versions up to, and including, 7.14.5 due to insufficient input sanitization and output escaping. This...

6.1CVSS6.1AI score0.00204EPSS
Exploits0References4
GithubExploit
GithubExploit
added 4 days ago56 views

Exploit for Unrestricted Upload of File with Dangerous Type in Joomlack Page_Builder_Ck

CVE-2026-56290 - Compagebuilderck Mass Exploit ⚠️ Disclai...

10CVSS6.1AI score0.02912EPSS
Exploits4
Fedora
Fedora
added 4 days ago6 views

[SECURITY] Fedora 43 Update: perl-JavaScript-Minifier-XS-0.16-1.fc43

JavaScript::Minifier::XS is a JavaScript "minifier"; it's designed to remove unnecessary white space and comments from JavaScript files without breaking the JavaScript...

7.5CVSS6AI score0.00609EPSS
Exploits0
Fedora
Fedora
added 4 days ago6 views

[SECURITY] Fedora 44 Update: perl-JavaScript-Minifier-XS-0.16-1.fc44

JavaScript::Minifier::XS is a JavaScript "minifier"; it's designed to remove unnecessary white space and comments from JavaScript files without breaking the JavaScript...

7.5CVSS5.9AI score0.00609EPSS
Exploits0
Positive Technologies
Positive Technologies
added 4 days ago11 views

PT-2026-56317

The Social Share, Social Login and Social Comments Plugin – Super Socializer plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'heateor mastodon share' parameter in all versions up to, and including, 7.14.5 due to insufficient input sanitization and output escaping. Thi...

6.1CVSS6.1AI score0.00204EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 4 days ago6 views

PT-2026-56608

Appium is a cross-platform automation framework for all kinds of apps, built on top of the W3C WebDriver protocol. Prior to 10.7.0, Appium's base-driver unconditionally mounts the /test/guinea-pig, /test/guinea-pig-scrollable, and /test/guinea-pig-app-banner routes, and compileLodashTemplate...

6.5CVSS6.1AI score0.00285EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 4 days ago4 views

PT-2026-56552

Name of the Vulnerable Software and Affected Versions Bitwarden Server versions prior to 2026.6.0 Description An issue exists where the server fails to verify if the email address provided in the body of the 'POST /auth-requests/admin-request' endpoint belongs to the authenticated user. This allo...

9.3CVSS6.1AI score0.00186EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 4 days ago7 views

PT-2026-56539

Name of the Vulnerable Software and Affected Versions PasswordPusher versions prior to 2.8.1 Description Insufficient validation in the valid url function allows the application to accept data URI schemes in URL push payloads. This enables attackers to create malicious pushes containing...

8.2CVSS6.1AI score0.00192EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 4 days ago7 views

PT-2026-56285

Name of the Vulnerable Software and Affected Versions WebPros Plesk versions prior to 18.0.78.4 Description Incorrect authorization in the XML-RPC API allows a low-privileged authenticated customer to look up domains they do not own. This occurs because ownership is enforced only for specific...

9.9CVSS6AI score0.00336EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 4 days ago5 views

PT-2026-56586

Name of the Vulnerable Software and Affected Versions PAN-OS versions prior to 12.1.8 PAN-OS versions prior to 11.2.13 PAN-OS versions prior to 11.1.16 PAN-OS versions prior to 10.2.18-h8 Description A command injection issue exists in the management plane of the software, specifically within the...

8.5CVSS6.2AI score0.01101EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 4 days ago5 views

PT-2026-56529

Multiple protection mechanism failures in the Prisma Access Agent Data Loss Prevention DLP component for Windows allow a local user to bypass DLP policy enforcement controls. The Prisma Access Agent on macOS is not affected...

8.4CVSS5.9AI score0.00151EPSS
Exploits0References3
Drupal
Drupal
added 4 days ago6 views

AI SEO/GEO Analyzer - Moderately critical - Cross-site Scripting - SA-CONTRIB-2026-076

The AI SEO/GEO Analyzer module generates SEO/GEO analysis reports by sending content of an entity including its comments to an LLM, then converts the model's Markdown response to HTML and stores it for display to privileged users. The generated HTML was rendered without passing through Drupal's...

6AI score0.00254EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 4 days ago10 views

PT-2026-56665

Name of the Vulnerable Software and Affected Versions Drupal AI SEO/GEO Analyzer versions 0.0.0 through 1.1.3 Description Stored Cross-site Scripting XSS occurs when the module generates SEO/GEO analysis reports by sending entity content, including comments, to a Large Language Model LLM. The...

6.1AI score0.00254EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 4 days ago8 views

PT-2026-56532

We'll be publishing five security issues CVE-2026-55106, CVE-2026-54730, CVE-2026-57580, GHSA-rv9x-92g6-9cpf, GHSA-hmrg-vpp4-gj88 and accompanying fixes on 2026-07-15, 14:00 UTC with the Severity levels High and Moderate. For more info, see the authentik Security policy here:...

5.9AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 4 days ago7 views

PT-2026-56531

We'll be publishing five security issues CVE-2026-55106, CVE-2026-54730, CVE-2026-57580, GHSA-rv9x-92g6-9cpf, GHSA-hmrg-vpp4-gj88 and accompanying fixes on 2026-07-15, 14:00 UTC with the Severity levels High and Moderate. For more info, see the authentik Security policy here:...

5.9AI score
Exploits0References1
Rows per page
Query Builder