Lucene search
K

9 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2025-25360

Malicious code in bioql PyPI...

5.9CVSS6.4AI score0.00309EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/08/22 8:31 a.m.12 views

CVE-2025-49891

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in uxper Uxper Booking uxper-booking allows Blind SQL Injection.This issue affects Uxper Booking: from n/a through = 1.3.3...

8.5CVSS5.9AI score0.00309EPSS
Exploits0References1
NVD
NVD
added 2025/08/20 8:15 a.m.4 views

CVE-2025-49891

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in uxper Uxper Booking uxper-booking allows Blind SQL Injection.This issue affects Uxper Booking: from n/a through = 1.3.3...

8.5CVSS0.00309EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/08/20 8:3 a.m.5 views

CVE-2025-49891 WordPress Contact Info Widget plugin <= 2.6.2 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in riotweb Contact Info Widget allows Stored XSS. This issue affects Contact Info Widget: from n/a through 2.6.2...

5.9CVSS6.9AI score0.00309EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/08/20 8:3 a.m.12 views

CVE-2025-49891 WordPress Uxper Booking Plugin <= 1.3.3 - SQL Injection Vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in uxper Uxper Booking uxper-booking allows Blind SQL Injection.This issue affects Uxper Booking: from n/a through = 1.3.3...

8.5CVSS0.00309EPSS
Exploits0References1
CVE
CVE
added 2025/08/20 8:3 a.m.23 views

CVE-2025-49891

CVE-2025-49891 is a SQL Injection vulnerability in the WordPress plugin Uxper Booking (uxper-booking) , allowing Blind SQL Injection. It affects versions up to and including 1.3.3 . The issue stems from improper neutralization of input in SQL commands, with CVSS 3.1 vector indicating network atta...

8.5CVSS5.9AI score0.00309EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/08/20 12:0 a.m.2 views

WordPress plugin Contact Info Widget 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...

8.5CVSS6AI score0.00309EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/08/20 12:0 a.m.6 views

PT-2025-33959 · Unknown · Riotweb Contact Info Widget

Name of the Vulnerable Software and Affected Versions: riotweb Contact Info Widget versions through 2.6.2 Description: Improper neutralization of input during web page generation allows for stored cross-site scripting XSS. Recommendations: Update to a version later than 2.6.2...

5.9CVSS5.7AI score0.00309EPSS
Exploits0References3
Patchstack
Patchstack
added 2025/08/17 1:11 a.m.4 views

WordPress Contact Info Widget plugin <= 2.6.2 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Que Thanh Tuan Blue Rock in WordPress Plugin Contact Info Widget versions = 2.6.2...

5.9CVSS5.8AI score0.00309EPSS
Exploits0Affected Software1
Rows per page
Query Builder