26078 matches found
CVE-2026-35555
creationtimestamp| type| source ---|---|--- 2026-05-12 10:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-26-132-02...
EUVD-2026-29396
The Next Date plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'default' shortcode attribute in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attacker...
CVE-2026-4920
The Next Date plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'default' shortcode attribute in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attacker...
CVE-2026-4920 Next Date <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'default' Shortcode Attribute
The Next Date plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'default' shortcode attribute in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attacker...
CVE-2026-4920
The CVE describes a stored cross-site scripting vulnerability in the WordPress plugin Next Date (versions
CVE-2026-4920 Next Date <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'default' Shortcode Attribute
The Next Date plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'default' shortcode attribute in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attacker...
CVE-2026-4920
The Next Date plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'default' shortcode attribute in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attacker...
CVE-2026-40137
creationtimestamp| type| source ---|---|--- 2026-05-12 05:26:51+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mln2i5sblj2i 2026-05-12 14:20:29+00:00| seen| https://bsky.app/profile/o2cloud.bsky.social/post/3mlnybnopq22h 2026-05-12 14:25:07+00:00| seen|...
CVE-2026-40131
creationtimestamp| type| source ---|---|--- 2026-05-12 05:22:12+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mln277cgve2p 2026-05-12 14:20:28+00:00| seen| https://bsky.app/profile/o2cloud.bsky.social/post/3mlnybnopq22h 2026-05-12 14:25:06+00:00| seen|...
CVE-2026-7257
creationtimestamp| type| source ---|---|--- 2026-05-12 05:16:51+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mlmzwarkql2r...
CVE-2026-40129
creationtimestamp| type| source ---|---|--- 2026-05-12 05:02:26+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mlmz4iwkgu2q 2026-05-12 14:20:28+00:00| seen| https://bsky.app/profile/o2cloud.bsky.social/post/3mlnybnopq22h 2026-05-12 14:25:06+00:00| seen|...
CVE-2026-40136
creationtimestamp| type| source ---|---|--- 2026-05-12 04:57:12+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mlmyt54c6l2p 2026-05-12 14:20:29+00:00| seen| https://bsky.app/profile/o2cloud.bsky.social/post/3mlnybnopq22h 2026-05-12 14:25:07+00:00| seen|...
CVE-2026-6865
creationtimestamp| type| source ---|---|--- 2026-05-12 04:05:34+00:00| seen| https://www.acn.gov.it/portale/w/vulnerabilita-in-prodotti-schneider-electric-11...
WordPress plugin Next Date 跨站脚本漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. Versions...
PT-2026-40438
Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description Improper authorization checks of team members privileges allow a team member to escalate privileges to the team owner account. Recommendations At the moment, the...
CVE-2024-29225
creationtimestamp| type| source ---|---|--- 2026-05-11 22:15:20+00:00| seen| https://jvn.jp/en/vu/JVNVU95381465...
CVE-2026-40621
creationtimestamp| type| source ---|---|--- 2026-05-11 22:00:00+00:00| seen| https://jvn.jp/en/jp/JVN03037325 2026-05-13 15:56:36+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mlqo54teta2n 2026-06-03 01:22:01+00:00| seen|...
CVE-2026-42948
creationtimestamp| type| source ---|---|--- 2026-05-11 22:00:00+00:00| seen| https://jvn.jp/en/jp/JVN03037325 2026-05-13 16:02:24+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mlqohjmxk52c...
GHSA-Q9FQ-3RX9-7XCV
creationtimestamp| type| source ---|---|--- 2026-05-11 20:29:17+00:00| seen| https://gist.github.com/tw89Coder/cd011dc1842625f821c171e41e812fbc...
WordPress Next Date plugin <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by zaim in WordPress Plugin Next Date versions = 1.0...