Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

19 matches found

GithubExploit
GithubExploitadded 2026/05/09 10:38 a.m.62 views

CoreExploit-Final

CoreExploit 🔐 Ethical Penetration Testing Learning Platfor...

5.8AI score
Exploits0
Vulnrichment
Vulnrichmentadded 2025/11/01 3:34 a.m.1 views

CVE-2025-11928 CSS & JavaScript Toolbox <= 12.0.5 - Authenticated (Admin+) Stored Cross-Site Scripting

The CSS & JavaScript Toolbox plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 12.0.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level...

4.4CVSS4.7AI score0.00022EPSS
Exploits0References2
EUVD
EUVDadded 2025/10/03 8:7 p.m.1 views

EUVD-2025-24726

Malicious code in bioql PyPI...

7.5CVSS6.5AI score0.00157EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/05/22 6:23 p.m.3 views

CVE-2021-23996

By utilizing 3D CSS in conjunction with Javascript, content could have been rendered outside the webpage's viewport, resulting in a spoofing attack that could have been used for phishing or other attacks on a user. This vulnerability affects Firefox 88...

6.5CVSS6.3AI score0.00186EPSS
Exploits0References1
CNNVD
CNNVDadded 2024/10/18 12:0 a.m.0 views

WordPress plugin Ajax Custom CSS/JS 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...

6.5CVSS6AI score0.00355EPSS
Exploits0References2
Patchstack
Patchstackadded 2024/10/14 11:19 a.m.2 views

WordPress Ajax Custom CSS/JS plugin <= 2.0.4 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin Ajax Custom CSS/JS versions = 2.0.4...

6.5CVSS6.1AI score0.00355EPSS
Exploits0Affected Software1
NVD
NVDadded 2024/01/05 10:15 a.m.6 views

CVE-2023-52121

Cross-Site Request Forgery CSRF vulnerability in NitroPack Inc. NitroPack – Cache & Speed Optimization for Core Web Vitals, Defer CSS & JavaScript, Lazy load Images.This issue affects NitroPack – Cache & Speed Optimization for Core Web Vitals, Defer CSS & JavaScript, Lazy load Images: from n/a...

8.8CVSS6.3AI score0.00051EPSS
Exploits0References1
OSV
OSVadded 2023/12/21 3:15 p.m.1 views

CVE-2023-50823

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Wipeout Media CSS & JavaScript Toolbox allows Stored XSS.This issue affects CSS & JavaScript Toolbox: from n/a through 11.7...

5.4CVSS7.3AI score
Exploits0References1
Prion
Prionadded 2023/12/21 3:15 p.m.19 views

Cross site scripting

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Wipeout Media CSS & JavaScript Toolbox allows Stored XSS.This issue affects CSS & JavaScript Toolbox: from n/a through 11.7...

4.9CVSS6.9AI score0.00155EPSS
Exploits0References1Affected Software1
Cvelist
Cvelistadded 2023/12/21 2:35 p.m.13 views

CVE-2023-50823 WordPress CSS & JavaScript Toolbox Plugin <= 11.7 is vulnerable to Cross Site Scripting (XSS)

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Wipeout Media CSS & JavaScript Toolbox allows Stored XSS.This issue affects CSS & JavaScript Toolbox: from n/a through 11.7...

6.5CVSS6.6AI score0.00155EPSS
Exploits0References1
CNNVD
CNNVDadded 2023/12/21 12:0 a.m.3 views

WordPress plugin CSS & JavaScript Toolbox Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A cross-site scripting vulnerability exists in WordPress...

6.5CVSS6.1AI score0.00155EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2023/08/18 9:47 p.m.9 views

CVE-2023-40173 Unsalted passwords in fobybus/social-media-skeleton

Social media skeleton is an uncompleted/framework social media project implemented using a php, css ,javascript and html. Prior to version 1.0.5 Social media skeleton did not properly salt passwords leaving user passwords susceptible to cracking should an attacker gain access to hashed passwords...

7.5CVSS7.6AI score0.00081EPSS
Exploits0References3
Vulnrichment
Vulnrichmentadded 2023/08/08 6:31 p.m.10 views

CVE-2023-39518 social-media-skeleton stored Cross-site Scripting vulnerability

social-media-skeleton is an uncompleted social media project implemented using PHP, MySQL, CSS, JavaScript, and HTML. Versions 1.0.0 until 1.0.3 have a stored cross-site scripting vulnerability. The problem is patched in v1.0.3...

5.4CVSS6AI score0.01173EPSS
Exploits0References3
Amazon
Amazonadded 2023/06/12 12:0 a.m.6 views

Important: golang

Issue Overview: html/template: improper sanitization of CSS values Angle brackets were not considered dangerous characters when inserted into CSS contexts. Templates containing multiple actions separated by a '/' character could result in unexpectedly closing the CSS context and allowing for...

9.8CVSS7.3AI score0.00289EPSS
Exploits0
FreeBSD
FreeBSDadded 2023/04/27 12:0 a.m.64 views

go -- multiple vulnerabilities

The Go project reports: crypto/tls: restrict RSA keys in certificates to = 8192 bits Extremely large RSA keys in certificate chains can cause a client/server to expend significant CPU time verifying signatures. Limit this by restricting the size of RSA keys transmitted during handshakes to = 8192...

9.8CVSS7.1AI score0.00344EPSS
Exploits0References4
CNVD
CNVDadded 2021/11/08 12:0 a.m.24 views

Sourcecodester Online Event Booking and Reservation System HTML Injection Vulnerability

Sourcecodester Online Event Booking and Reservation System is developed using PHP, MySQL database, HTML, CSS, Javascript, Bootstrap and AdminLTE. The system can be accessed by three types of users, namely system administrators, students and teachers. Sourcecodester Online Event Booking and...

4.3CVSS1.2AI score0.37983EPSS
Exploits3References1
Cvelist
Cvelistadded 2018/05/31 8:0 p.m.16 views

CVE-2016-10552

igniteui 0.0.5 and earlier downloads JavaScript and CSS resources over insecure protocol...

7.5AI score0.00136EPSS
Exploits0References1
GithubExploit
GithubExploitadded 2017/07/08 4:5 a.m.1 views

html-social-share-buttons

It is an HTML/CSS/JavaScript library for adding social media sha...

6.1AI score
Exploits0
Packet Storm
Packet Stormadded 2014/04/10 12:0 a.m.25 views

AppFish Offline Coder 2.2 Persistent Script Insertion

Document Title: =============== AppFish Offline Coder v2.2 iOS - Persistent Software Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1252 Release Date: ============= 2014-04-08 Vulnerability Laboratory ID VL-ID:...

7.4AI score
Exploits0
Rows per page
Query Builder