Lucene search
K

171 matches found

Vulnrichment
Vulnrichment
added 2025/09/05 1:45 p.m.3 views

CVE-2025-58825 WordPress Comment Form WP – Customize Default Comment Form plugin <= 2.0.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Habibur Rahman Comment Form WP – Customize Default Comment Form comment-form-wp allows Stored XSS.This issue affects Comment Form WP – Customize Default Comment Form: from n/a through = 2.0.1...

5.9CVSS5.8AI score0.0021EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/09/05 1:29 p.m.4 views

WordPress Comment Form WP – Customize Default Comment Form plugin <= 2.0.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Bao - BlueRock in WordPress Plugin Comment Form WP Customize Default Comment Form versions = 2.0.1...

5.9CVSS5.9AI score0.0021EPSS
Exploits0Affected Software1
Akamai Blog
Akamai Blog
added 2025/08/19 10:20 a.m.5 views

OpenAPI Documentation for Spin Apps with Rust

Learn how to create, customize, and serve OpenAPI Documentation from within Spin apps written in Rust...

5.7AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/06/23 8:40 a.m.6 views

CVE-2025-50008

Missing Authorization vulnerability in cscode WooCommerce Manager - Customize and Control Cart page, Add to Cart button, Checkout fields easily innovs-woo-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WooCommerce Manager - Customize and Control...

5.4CVSS5.9AI score0.00259EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:40 a.m.4 views

CVE-2024-55864

Cross-site scripting vulnerability exists in My WP Customize Admin/Frontend versions prior to ver 1.24.1. If a malicious administrative user customizes the administrative page with some malicious contents, an arbitrary script may be executed on the web browser of the other users who are accessing...

4.8CVSS5AI score0.00326EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 6:26 a.m.11 views

CVE-2024-10837

The SysBasics Customize My Account for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘tab’ parameter in all versions up to, and including, 2.7.29 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated...

6.1CVSS6.4AI score0.00368EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:30 a.m.13 views

CVE-2023-51369

Cross-Site Request Forgery CSRF vulnerability in SysBasics Customize My Account for WooCommerce.This issue affects Customize My Account for WooCommerce: from n/a through 1.8.3...

8.8CVSS8.6AI score0.00263EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:33 p.m.10 views

CVE-2020-35856

SolarWinds Orion Platform before 2020.2.5 allows stored XSS attacks by an administrator on the Customize View page...

4.8CVSS5.9AI score0.00723EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2025/05/14 12:31 p.m.8 views

org.apache.iotdb:client-example (>=2.0.1-beta <=2.0.2-1), org.apache.iotdb:customize-mqtt-example (=2.0.1-beta) +8 more potentially affected by CVE-2025-26864 via org.apache.iotdb:node-commons (>=2.0.1-beta <=2.0.2-1)

org.apache.iotdb:node-commons MAVEN version =2.0.1-beta, =2.0.1-beta, =2.0.1-beta, =2.0.2-1 - org.apache.iotdb:iotdb-distribution =2.0.1-beta - org.apache.iotdb:iotdb-server =2.0.1-beta - org.apache.iotdb:pipe-count-point-processor-example =2.0.1-beta - org.apache.iotdb:trigger-example =2.0.1-bet...

7.5CVSS5.8AI score0.00709EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/04/26 5:47 p.m.14 views

CVE-2025-46477

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Carlo La Pera WP Customize Login Page wp-customize-login-page allows Stored XSS.This issue affects WP Customize Login Page: from n/a through = 1.6.5...

5.9CVSS7.2AI score0.00225EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/04/26 5:35 p.m.13 views

CVE-2025-46485

Missing Authorization vulnerability in Carlo La Pera WP Customize Login Page wp-customize-login-page allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WP Customize Login Page: from n/a through = 1.6.5...

5.3CVSS7.2AI score0.00273EPSS
Exploits0References1
NVD
NVD
added 2025/04/24 4:15 p.m.24 views

CVE-2025-46485

Missing Authorization vulnerability in Carlo La Pera WP Customize Login Page wp-customize-login-page allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WP Customize Login Page: from n/a through = 1.6.5...

5.3CVSS0.00273EPSS
Exploits0References1
NVD
NVD
added 2025/04/24 4:15 p.m.12 views

CVE-2025-46477

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Carlo La Pera WP Customize Login Page wp-customize-login-page allows Stored XSS.This issue affects WP Customize Login Page: from n/a through = 1.6.5...

5.9CVSS0.00225EPSS
Exploits0References1
CVE
CVE
added 2025/04/24 4:9 p.m.45 views

CVE-2025-46485

CVE-2025-46485 refers to a missing authorization vulnerability in the WordPress plugin “WP Customize Login Page” by Carlo La Pera, affecting versions up to 1.6.5. The available documents consistently describe a broken access control scenario where functionality is accessible without proper ACL co...

5.3CVSS7.2AI score0.00273EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/04/24 4:9 p.m.7 views

CVE-2025-46477 WordPress WP Customize Login Page plugin <= 1.6.5 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Carlo La Pera WP Customize Login Page wp-customize-login-page allows Stored XSS.This issue affects WP Customize Login Page: from n/a through = 1.6.5...

5.9CVSS8.6AI score0.00225EPSS
Exploits0References1
CVE
CVE
added 2025/04/24 4:9 p.m.46 views

CVE-2025-46477

CVE-2025-46477 : WordPress plugin WP Customize Login Page

5.9CVSS7.2AI score0.00225EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/04/24 12:0 a.m.4 views

WordPress plugin WP Customize Login Page 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

5.9CVSS6.1AI score0.00225EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/04/24 12:0 a.m.7 views

PT-2025-17798 · WordPress · Carlo La Pera Wp Customize Login Page

Name of the Vulnerable Software and Affected Versions: Carlo La Pera WP Customize Login Page versions 1.6.5 and earlier Description: The issue is related to a Missing Authorization vulnerability, which allows accessing functionality not properly constrained by Access Control Lists ACLs. This mean...

5.3CVSS6AI score0.00273EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/04/11 5:56 p.m.5 views

CVE-2025-31034

Cross-Site Request Forgery CSRF vulnerability in AboZain Albanna Customize Login Page customize-login-page allows Cross Site Request Forgery.This issue affects Customize Login Page: from n/a through = 1.1...

4.3CVSS7.2AI score0.00211EPSS
Exploits0References1
NVD
NVD
added 2025/04/09 5:15 p.m.5 views

CVE-2025-31034

Cross-Site Request Forgery CSRF vulnerability in AboZain Albanna Customize Login Page customize-login-page allows Cross Site Request Forgery.This issue affects Customize Login Page: from n/a through = 1.1...

4.3CVSS0.00211EPSS
Exploits0References1
Rows per page
Query Builder