Lucene search
+L

557 matches found

Positive Technologies
Positive Technologies
added 2025/12/30 12:0 a.m.6 views

PT-2025-54227

Name of the Vulnerable Software and Affected Versions inMusic Brands Engine DJ version 4.3.0 Description Engine DJ version 4.3.0 is affected by an issue with insecure permissions. An exposed HTTP service within the Remote Library feature allows attackers to access all files and network paths...

7.5CVSS6.7AI score0.00377EPSS
Exploits1References8
Vulnrichment
Vulnrichment
added 2025/12/30 12:0 a.m.4 views

CVE-2025-66723

inMusic Brands Engine DJ before 4.3.4 suffers from Insecure Permissions due to exposed HTTP service in the Remote Library, which allows attackers to access all files and network paths...

6.5AI score0.00377EPSS
Exploits1References2
Patchstack
Patchstack
added 2025/12/29 11:28 p.m.4 views

WordPress Blog Filter plugin <= 1.7.3 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin Blog Filter versions = 1.7.3...

6.5CVSS6.1AI score0.00127EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/12/22 1:52 a.m.7 views

WordPress Jobs for WordPress plugin <= 2.8.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin Jobs for WordPress versions = 2.8.1...

5.4CVSS5.2AI score0.0013EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/12/21 1:59 a.m.7 views

WordPress Post Grid and Gutenberg Blocks plugin <= 2.3.23 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin Post Grid and Gutenberg Blocks versions = 2.3.23...

5.4CVSS5.9AI score0.00133EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2025/12/19 7:32 a.m.4 views

CVE-2025-60057

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes DJ Rainflow dj-rainflow allows PHP Local File Inclusion.This issue affects DJ Rainflow: from n/a through = 1.3.13...

8.1CVSS7.1AI score0.00431EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/18 9:30 a.m.4 views

EUVD-2025-204128

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes DJ Rainflow dj-rainflow allows PHP Local File Inclusion.This issue affects DJ Rainflow: from n/a through = 1.3.13...

8.1CVSS6.6AI score0.00431EPSS
Exploits0References2
NVD
NVD
added 2025/12/18 8:16 a.m.3 views

CVE-2025-60057

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes DJ Rainflow dj-rainflow allows PHP Local File Inclusion.This issue affects DJ Rainflow: from n/a through = 1.3.13...

8.1CVSS0.00431EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/18 7:22 a.m.26 views

CVE-2025-60057 WordPress DJ Rainflow theme <= 1.3.13 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes DJ Rainflow dj-rainflow allows PHP Local File Inclusion.This issue affects DJ Rainflow: from n/a through = 1.3.13...

8.1CVSS0.00431EPSS
Exploits0References1
CVE
CVE
added 2025/12/18 7:22 a.m.10 views

CVE-2025-60057

CVE-2025-60057 corresponds to a Local File Inclusion vulnerability in the WordPress DJ Rainflow theme (

8.1CVSS6.7AI score0.00431EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/18 7:22 a.m.2 views

CVE-2025-60057 WordPress DJ Rainflow theme <= 1.3.13 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes DJ Rainflow dj-rainflow allows PHP Local File Inclusion.This issue affects DJ Rainflow: from n/a through = 1.3.13...

8.1CVSS6.7AI score0.00431EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/12/18 12:0 a.m.5 views

WordPress plugin DJ Rainflow 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

8.1CVSS6.6AI score0.00431EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/12/18 12:0 a.m.4 views

PT-2025-52118

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes DJ Rainflow dj-rainflow allows PHP Local File Inclusion.This issue affects DJ Rainflow: from n/a through = 1.3.13...

7.1AI score0.00431EPSS
Exploits0References2
Patchstack
Patchstack
added 2025/12/15 1:30 p.m.10 views

WordPress WP Visitor Statistics (Real Time Traffic) plugin <= 8.3 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin WP Visitor Statistics Real Time Traffic versions = 8.3...

6.5CVSS6.1AI score0.00167EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/12/15 1:30 p.m.8 views

WordPress WP-ShowHide plugin <= 1.05 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin WP-ShowHide versions = 1.05...

7.1CVSS6.1AI score0.00167EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/12/11 10:46 p.m.8 views

WordPress BUKAZU Search widget plugin <= 3.3.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'shortcode' Shortcode Attribute vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via 'shortcode' Shortcode Attribute vulnerability discovered by Gilang - DJ in WordPress Plugin BUKAZU Search widget versions = 3.3.2...

6.4CVSS5.8AI score0.00245EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/11/26 3:22 a.m.7 views

WordPress oik plugin <= 4.15.3 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin oik versions = 4.15.3...

6.5CVSS6.1AI score0.00167EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/11/23 1:36 a.m.18 views

WordPress Accordion Slider plugin <= 1.9.13 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin Accordion Slider versions = 1.9.13...

6.5CVSS6.1AI score0.00134EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/11/20 10:37 p.m.9 views

WordPress BrightTALK WordPress Shortcode plugin <= 2.4.0 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Gilang - DJ in WordPress Plugin BrightTALK WordPress Shortcode versions = 2.4.0...

6.4CVSS5.8AI score0.00166EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/11/18 11:33 p.m.9 views

WordPress Community Events plugin <= 1.5.4 - Unauthenticated SQL Injection vulnerability

Unauthenticated SQL Injection vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin Community Events versions = 1.5.4...

7.5CVSS8.1AI score0.00317EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder