Lucene search
K

190 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2018-17090

Malware in sbrugna...

5.4CVSS5.5AI score0.00595EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2019-15552

Malware in sbrugna...

8.8CVSS5.8AI score0.01008EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2021-11270

Malware in sbrugna...

5.4CVSS5.5AI score0.00624EPSS
Exploits2References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.2 views

EUVD-2021-11442

Malware in sbrugna...

4.8CVSS5.2AI score0.00598EPSS
Exploits2References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-11430

Malware in sbrugna...

4.8CVSS5.1AI score0.00695EPSS
Exploits2References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2024-43300

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.00252EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2024-36480

Malicious code in bioql PyPI...

6.1CVSS6.4AI score0.00256EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-10640

Malicious code in bioql PyPI...

7.1CVSS7.7AI score0.00191EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-32715

Malicious code in bioql PyPI...

5.4CVSS5.7AI score0.00324EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2025-3260

Malicious code in bioql PyPI...

7.1CVSS8.7AI score0.00378EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/06/08 7:19 a.m.16 views

CVE-2025-5699

The Developer Formatter plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Custom CSS in all versions up to, and including, 2015.0.2.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level...

5.5CVSS5AI score0.00248EPSS
Exploits0References1
CVE
CVE
added 2025/06/06 6:42 a.m.63 views

CVE-2025-5699

CVE-2025-5699 involves the Developer Formatter WordPress plugin. A stored cross-site scripting (XSS) flaw exists in Custom CSS handling across all versions up to 2015.0.2.1, caused by insufficient input sanitization and output escaping. Exploitation requires authenticated admin-level access and c...

5.5CVSS5.1AI score0.00248EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/05/23 10:47 a.m.8 views

CVE-2024-49230

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in harry005 Ajax Custom CSS/JS ajax-awesome-css allows Reflected XSS.This issue affects Ajax Custom CSS/JS: from n/a through = 2.0.4...

6.5CVSS5.9AI score0.00252EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 9:49 a.m.6 views

CVE-2024-7410

The My Custom CSS PHP & ADS plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 3.3. This is due the plugin not preventing direct access to the /my-custom-css/vendor/mobiledetect/mobiledetectlib/export/exportToJSON.php file and and the file...

5.3CVSS5.2AI score0.00482EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:31 p.m.3 views

CVE-2021-24518

The WPFront Notification Bar WordPress plugin before 2.0.0.07176 does not sanitise or escape its Custom CSS setting, allowing high privilege users such as admin to set XSS payload in it even when the unfilteredhtml capability is disallowed, leading to an authenticated Stored Cross-Site Scripting...

4.8CVSS4.9AI score0.00695EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:18 a.m.6 views

CVE-2019-5984

Cross-site request forgery CSRF vulnerability in Custom CSS Pro 1.0.3 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors...

8.8CVSS7.4AI score0.01008EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/04/25 3:44 p.m.12 views

CVE-2025-39601

Cross-Site Request Forgery CSRF vulnerability in WPFactory Custom CSS, JS & PHP custom-css allows Remote Code Inclusion.This issue affects Custom CSS, JS & PHP: from n/a through = 2.4.1...

9.6CVSS7.3AI score0.00288EPSS
Exploits1References1
Patchstack
Patchstack
added 2025/04/16 1:53 p.m.12 views

WordPress Custom CSS, JS & PHP plugin <= 2.4.1 - CSRF to RCE vulnerability

CSRF to RCE vulnerability discovered by Nguyen Xuan Chien in WordPress Plugin Custom CSS, JS & PHP versions = 2.4.1...

9.6CVSS8.3AI score0.00288EPSS
Exploits1Affected Software1
NVD
NVD
added 2025/04/16 1:15 p.m.18 views

CVE-2025-39601

Cross-Site Request Forgery CSRF vulnerability in WPFactory Custom CSS, JS & PHP custom-css allows Remote Code Inclusion.This issue affects Custom CSS, JS & PHP: from n/a through = 2.4.1...

9.6CVSS0.00288EPSS
Exploits1References1
CVE
CVE
added 2025/04/16 12:44 p.m.63 views

CVE-2025-39601

The CVE-2025-39601 entry describes a Cross-Site Request Forgery (CSRF) vulnerability in the WordPress plugin WPFactory Custom CSS, JS & PHP. A CSRF flaw in versions n/a through 2.4.1 allows Remote Code Inclusion (RCE). The issue affects Custom CSS, JS & PHP versions n/a–2.4.1. The risk is rated h...

9.6CVSS7.3AI score0.00288EPSS
Exploits1References1
Rows per page
Query Builder