Lucene search
K

60 matches found

NVD
NVD
added 2026/06/19 2:16 p.m.16 views

CVE-2026-44087

Insufficient Verification of Data Authenticity vulnerability in Apache APISIX. The openid-connect plugin under default configuration has an attack surface that allows the attacker to spoof identity headers allowing the attacker to get unauthorized access the protected resources. This issue affect...

9.1CVSS0.00213EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/19 1:11 p.m.9 views

EUVD-2026-38017

Insufficient Verification of Data Authenticity vulnerability in Apache APISIX. The openid-connect plugin under default configuration has an attack surface that allows the attacker to spoof identity headers allowing the attacker to get unauthorized access the protected resources. This issue affect...

5.3CVSS5.8AI score0.00213EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:30 p.m.10 views

CVE-2026-42316

kafka-sink-azure-kusto Kafka Connect plugin is the official Microsoft sink for Azure Data Explorer Kusto. Prior to 5.2.3, kafka-sink-azure-kusto did not sanitize user-controlled values inside the kusto.tables.topics.mapping configuration. The db, table, mapping, and format fields of each mapping...

6.5CVSS5.9AI score0.00344EPSS
Exploits0References1
NVD
NVD
added 2026/05/12 9:16 a.m.30 views

CVE-2026-6663

The GWD Connect plugin for WordPress is vulnerable to missing authorization to limited code execution in all versions up to, and including, 2.9. This is due to the plugin's standalone agent endpoints gwd-backup.php and gwd-logs.php not verifying authentication when the API key has not been...

4.8CVSS0.00273EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/11 12:0 a.m.12 views

PT-2026-39660

kafka-sink-azure-kusto Kafka Connect plugin is the official Microsoft sink for Azure Data Explorer Kusto. Prior to 5.2.3, kafka-sink-azure-kusto did not sanitize user-controlled values inside the kusto.tables.topics.mapping configuration. The db, table, mapping, and format fields of each mapping...

6.5CVSS6.1AI score0.00344EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/04/14 12:0 a.m.9 views

Apache Apisix 安全漏洞

Apache APISIX is a cloud-native microservices API gateway service provided by the Apache Foundation in the United States. This software is implemented based on OpenResty and etcd, featuring dynamic routing and hot loading of plugins. It is suitable for API management within microservice systems...

7.5CVSS5.8AI score0.0025EPSS
Exploits0References2
EUVD
EUVD
added 2026/03/07 9:30 a.m.6 views

EUVD-2026-10134

The Infomaniak Connect for OpenID plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'endpointlogin' parameter of the infomaniakconnectgenericauthurl shortcode in all versions up to, and including, 1.0.2 due to insufficient input sanitization and output escaping. This makes...

6.4CVSS5.9AI score0.00191EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/01/07 9:9 a.m.14 views

CVE-2024-2667

The InstaWP Connect – 1-click WP Staging & Migration plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file validation in the /wp-json/instawp-connect/v1/config REST API endpoint in all versions up to, and including, 0.1.0.22. This makes it possible for...

9.8CVSS7AI score0.05747EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2014-4478

Malware in sbrugna...

4.3CVSS6.4AI score0.01629EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2018-13520

Malware in sbrugna...

9.8CVSS9.5AI score0.02044EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2015-9284

Malware in sbrugna...

6.1CVSS6.3AI score0.01103EPSS
Exploits2References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2023-44581

Malicious code in bioql PyPI...

9.8CVSS9.3AI score0.00758EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2022-52404

Malicious code in bioql PyPI...

4.8CVSS5.3AI score0.00437EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-44026

Malicious code in bioql PyPI...

9.8CVSS6.4AI score0.00789EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-14884

Malicious code in bioql PyPI...

9.1CVSS9.1AI score0.00609EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-10588

Malicious code in bioql PyPI...

7.2CVSS7.7AI score0.00496EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-19707

Malicious code in bioql PyPI...

5.3CVSS6.4AI score0.00412EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/09/22 6:23 p.m.11 views

CVE-2025-58257 WordPress Verowa Connect plugin <= 3.2.3 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Picture-Planet GmbH Verowa Connect verowa-connect allows Stored XSS.This issue affects Verowa Connect: from n/a through = 3.2.3...

6.5CVSS0.00196EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/08/20 9:9 a.m.5 views

WordPress ads.txt Guru Connect Plugin <= 1.1.1 - Cross Site Request Forgery (CSRF) Vulnerability

Cross Site Request Forgery CSRF Vulnerability discovered by Nguyen Xuan Chien in WordPress Plugin ads.txt Guru Connect versions = 1.1.1...

9.6CVSS6.6AI score0.00159EPSS
Exploits0Affected Software1
Vulnrichment
Vulnrichment
added 2025/08/20 8:3 a.m.2 views

CVE-2025-49381 WordPress ads.txt Guru Connect Plugin <= 1.1.1 - Cross Site Request Forgery (CSRF) Vulnerability

Cross-Site Request Forgery CSRF vulnerability in ads.txt Guru ads.txt Guru Connect allows Cross Site Request Forgery. This issue affects ads.txt Guru Connect: from n/a through 1.1.1...

9.6CVSS6.6AI score0.00159EPSS
Exploits0References1
Rows per page
Query Builder