105 matches found
Cvelist, added 6 days ago

CVE-2026-12399 Gutenverse <= 3.8.0 - Authenticated (Editor+) Stored Cross-Site Scripting via 'fonts[].font.font.value' Parameter

The Gutenverse – WordPress Blocks, Page Builder & Site Editor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 3.8.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...

CVSS 4.4, EPSS 0.00246
Exploits: 0, References: 12
Positive Technologies, added 6 days ago

PT-2026-53053

Name of the Vulnerable Software and Affected Versions: Gutenverse versions prior to 3.8.1. Description: The Gutenverse – WordPress Blocks, Page Builder & Site Editor plugin for WordPress contains a Stored Cross-Site Scripting issue in the admin settings. This occurs due to insufficient input...

CVSS 4.4, AI score 5.9, EPSS 0.00246
Exploits: 0, References: 16
OSV, added 2026/06/08 1:16 p.m.

UBUNTU-CVE-2026-7186

Stored cross-site scripting in the URL dashboard widget in Checkmk 2.5.0p5, 2.4.0p31, 2.3.0p48, and all 2.2.0 versions allows a user with dashboard editing permissions to store a URL with a dangerous URI scheme such as javascript: that executes scripts in other users' browsers when they view the...

CVSS 8.5, AI score 5.2, EPSS 0.00136
Exploits: 0, References: 3
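The Checkmk entry above is the classic "dangerous URI scheme" stored XSS: a URL the application saves and later emits as a link or frame target. The block below is an added example, not Checkmk code, contrasting a naive string blocklist with a scheme allowlist applied after WHATWG URL parsing, which normalises input the same way a browser will (case folding, stripping of surrounding whitespace and of embedded tab/newline characters). The base origin `https://monitoring.example/` and the sample inputs are constructed for this example.

```javascript
// Added example (not Checkmk code): validating a user-supplied URL before it is
// stored and later rendered in other users' browsers.

// Naive blocklist: compares the raw string, so whitespace and embedded tabs slip past.
function naiveIsSafeUrl(raw) {
  return !raw.toLowerCase().startsWith('javascript:');
}

// Allowlist: let the WHATWG URL parser normalise the input exactly as a browser
// would, then accept only http(s). The base origin is hypothetical and only
// there so relative links ("/view.py") still resolve and are accepted.
const ALLOWED_SCHEMES = new Set(['http:', 'https:']);
function isSafeUrl(raw, base = 'https://monitoring.example/') {
  let parsed;
  try {
    parsed = new URL(raw, base);
  } catch {
    return false; // unparseable input is rejected, never passed through
  }
  return ALLOWED_SCHEMES.has(parsed.protocol);
}

// Constructed inputs an attacker with dashboard-editing rights might store.
// Only the last two are legitimate.
const SAMPLE_URLS = [
  'javascript:alert(document.cookie)',
  ' JaVaScRiPt:alert(1)',                        // leading space, mixed case
  'java\tscript:alert(1)',                        // tab removed by the URL parser
  'data:text/html,<script>alert(1)</script>',     // not javascript:, still executes
  'https://example.com/dashboard',
  '/check_mk/view.py?view_name=hosts',
];

// Returns one row per URL with the verdict of each check.
function classify(urls) {
  return urls.map((u) => ({ url: u, naive: naiveIsSafeUrl(u), allowlist: isSafeUrl(u) }));
}

if (typeof require !== 'undefined' && require.main === module) {
  console.table(classify(SAMPLE_URLS));
}
```

The naive check accepts the second, third and fourth inputs; the allowlist rejects all four attack strings. Validating at storage time is not a substitute for escaping at output time, but it keeps a `javascript:` or `data:` target from ever reaching the page.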
ATTACKERKB, added 2026/06/04 7:28 p.m.

CVE-2026-41518

Chartbrew is an open-source web application that can connect directly to databases and APIs and use the data to create charts. In versions 4.9.0 through 5.0.0, an authenticated user with project-editor permissions can store arbitrary HTML/JavaScript in the ChartDatasetConfig.legend field. The...

CVSS 7.6, AI score 6, EPSS 0.002
Exploits: 0, References: 2, Affected software: 1
OSV, added 2026/05/21 8:34 p.m.

GHSA-2C5X-4JGF-88MJ NocoDB: SSRF Protection Bypass in Notification Webhook Plugins (Slack, Discord, Mattermost, Teams)

Summary: The request-filtering-agent SSRF protection was non-functional in the four notification webhook plugins (Slack, Discord, Mattermost, Teams) because httpAgent / httpsAgent were passed as part of the request body rather than the axios config. An authenticated user with hook-creation permissio...

CVSS 4.3, AI score 5.9, EPSS 0.00176
Exploits: 0, References: 2
EUVD, added 2026/05/13 9:32 p.m.

EUVD-2026-30137

Editors could delete any annotation, even those they do not have read access to. The editor user cannot create or read the annotations...

CVSS 4.3, AI score 5.8, EPSS 0.00198
Exploits: 0, References: 2
NVD, added 2026/05/13 8:16 p.m.

CVE-2026-28374

Editors could delete any annotation, even those they do not have read access to. The editor user cannot create or read the annotations...

CVSS 4.3, EPSS 0.00198
Exploits: 0, References: 1
OSV, added 2026/05/13 8:16 p.m.

UBUNTU-CVE-2026-28374

Editors could delete any annotation, even those they do not have read access to. The editor user cannot create or read the annotations...

CVSS 4.3, AI score 5.8, EPSS 0.00198
Exploits: 0, References: 3
Vulnrichment, added 2026/05/12 9:24 p.m.

CVE-2026-41195 mosparo: Rule package source URL stored SSRF enables internal HTTP probing

mosparo is the modern solution to protect your online forms from spam. Prior to 1.4.13, the automatic rule package source URL feature allows a project member with the editor role to store an attacker-controlled URL that the server later fetches. Because the server follows http/https redirects and...

CVSS 5, AI score 5.8, EPSS 0.00197
Exploits: 0, References: 1
CNNVD, added 2026/05/12 12:00 a.m.

mosparo code issue vulnerability

mosparo is a modern spam protection software developed under open source. Versions of mosparo prior to 1.4.13 had code vulnerabilities. These vulnerabilities stemmed from the automatic rule package source URL feature, which allowed project members with editor roles to store URLs controlled by...

CVSS 5, AI score 5.9, EPSS 0.00197
Exploits: 0, References: 2
Cvelist, added 2026/05/11 2:52 p.m.

CVE-2026-42841 Grav: Stored XSS via Markdown media attribute() action in Grav CMS

Grav is a file-based Web platform. Prior to 2.0.0-beta.2, an authenticated user with page editing permissions can inject an executable JavaScript event-handler attribute into rendered image HTML through Grav's Markdown media action syntax. The issue is caused by Markdown image query parameters...

CVSS 6.9, EPSS 0.00397
Exploits: 1, References: 2
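The Grav entry is a reminder that escaping attribute values is not enough when the attacker chooses the attribute name: `onerror="alert(1)"` needs no special characters at all. The block below is an added example, not Grav code. The `attribute=name,value` query form, the two renderers and the allowlist are hypothetical constructions for this example and do not reproduce Grav's actual media action syntax or its fix.

```javascript
// Added example (not Grav code): rendering <img> from Markdown media actions.
// The `attribute=name,value` query form is a hypothetical stand-in for the
// real syntax; the contrast is in the attribute-name allowlist.

// Parse "attribute=title,Photo&attribute=onerror,alert(1)" into [name, value]
// pairs. Only the hypothetical `attribute` action is handled here.
function parseMediaActions(query) {
  const pairs = [];
  for (const [action, arg] of new URLSearchParams(query)) {
    if (action !== 'attribute') continue;
    const comma = arg.indexOf(',');
    if (comma === -1) continue;
    pairs.push([arg.slice(0, comma), arg.slice(comma + 1)]);
  }
  return pairs;
}

// Standard attribute-value escaping; correct, but it only protects the value.
function escapeAttr(value) {
  return String(value).replace(/[&<>"']/g, (c) => ({
    '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;',
  })[c]);
}

function buildTag(attrs) {
  const parts = Object.entries(attrs).map(([k, v]) => `${k}="${escapeAttr(v)}"`);
  return `<img ${parts.join(' ')}>`;
}

// Vulnerable: any attribute name is accepted, so on* names become live event
// handlers. Entity-escaping the value does not help: the browser decodes the
// attribute before handing it to the JavaScript engine.
function renderImageVulnerable(src, query) {
  const attrs = { src };
  for (const [name, value] of parseMediaActions(query)) attrs[name] = value;
  return buildTag(attrs);
}

// Hardened: attribute names must come from a fixed allowlist (no on*, no
// style, no srcset); everything else is dropped rather than escaped.
const ALLOWED_IMG_ATTRS = new Set(['alt', 'title', 'class', 'id', 'width', 'height', 'loading']);
function renderImageSafe(src, query) {
  const attrs = { src };
  for (const [name, value] of parseMediaActions(query)) {
    const key = name.trim().toLowerCase();
    if (ALLOWED_IMG_ATTRS.has(key)) attrs[key] = value;
  }
  return buildTag(attrs);
}
```

Normalising the name with `trim().toLowerCase()` before the lookup matters: HTML attribute names are case-insensitive, so a blocklist that only rejects `onerror` but lets `ONERROR` through would still be exploitable, whereas an allowlist fails closed.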
Snyk, added 2026/04/21 6:31 p.m.

Incorrect Authorization

Overview: Affected versions of this package are vulnerable to Incorrect Authorization in the handling of CSS preprocessor files. An attacker can access arbitrary files from the server by leveraging the import functionality in .less, .sass, or .scss files, even when cms.safemode is enabled. This is...

CVSS 6.9, AI score 5.9, EPSS 0.00246
Exploits: 0, References: 2
NVD, added 2026/04/21 5:16 p.m.

CVE-2026-29179

October is a Content Management System (CMS) and web platform. Prior to 3.7.16 and 4.1.16, fine-grained sub-permission checks for asset and blueprint file operations were not enforced in the CMS and Tailor editor extensions. This only affects backend users who were explicitly granted editor access...

CVSS 3.3, EPSS 0.00144
Exploits: 0, References: 1
NVD, added 2026/04/21 5:16 p.m.

CVE-2026-26067

October is a Content Management System (CMS) and web platform. Prior to 3.7.14 and 4.1.10, a server-side information disclosure vulnerability was identified in the handling of CSS preprocessor files. Backend users with Editor permissions could craft .less, .sass, or .scss files that leverage the...

CVSS 4.9, EPSS 0.00246
Exploits: 0, References: 1
OSV, added 2026/04/21 5:15 p.m.

GHSA-JVWG-PHXX-J3RP October CMS: Editor Sub-Permission Bypass for Asset and Blueprint File Operations

Fine-grained sub-permission checks for asset and blueprint file operations were not enforced in the CMS and Tailor editor extensions. This only affects backend users who were explicitly granted editor access but had editor.cmsassets or editor.tailorblueprints specifically withheld, an uncommon...

CVSS 3.3, AI score 5.7, EPSS 0.00144
Exploits: 0, References: 3
Github Security Blog, added 2026/04/21 5:15 p.m.

October CMS: Editor Sub-Permission Bypass for Asset and Blueprint File Operations

Fine-grained sub-permission checks for asset and blueprint file operations were not enforced in the CMS and Tailor editor extensions. This only affects backend users who were explicitly granted editor access but had editor.cmsassets or editor.tailorblueprints specifically withheld, an uncommon...

CVSS 3.3, AI score 5.7, EPSS 0.00144
Exploits: 0, References: 3, Affected software: 1
ATTACKERKB, added 2026/04/21 4:19 p.m.

CVE-2026-29179

October is a Content Management System (CMS) and web platform. Prior to 3.7.16 and 4.1.16, fine-grained sub-permission checks for asset and blueprint file operations were not enforced in the CMS and Tailor editor extensions. This only affects backend users who were explicitly granted editor access...

CVSS 3.3, AI score 5.8, EPSS 0.00144
Exploits: 0, References: 2, Affected software: 1
CVE, added 2026/04/21 4:16 p.m.

CVE-2026-26067

CVE-2026-26067 affects October CMS prior to versions 3.7.14 and 4.1.10. A server-side information disclosure flaw exists in handling CSS preprocessor files (LESS/SASS/SCSS) through the compiler import function, allowing backend users with Editor permissions to read arbitrary server files. The iss...

CVSS 4.9, AI score 5.9, EPSS 0.00246
Exploits: 0, References: 1
Cvelist, added 2026/04/21 4:16 p.m.

CVE-2026-26067 October: Safe Mode Bypass via CSS Preprocessor Compilers

October is a Content Management System (CMS) and web platform. Prior to 3.7.14 and 4.1.10, a server-side information disclosure vulnerability was identified in the handling of CSS preprocessor files. Backend users with Editor permissions could craft .less, .sass, or .scss files that leverage the...

CVSS 4.9, EPSS 0.00246
Exploits: 0, References: 1
ATTACKERKB, added 2026/04/21 4:16 p.m.

CVE-2026-26067

October is a Content Management System (CMS) and web platform. Prior to 3.7.14 and 4.1.10, a server-side information disclosure vulnerability was identified in the handling of CSS preprocessor files. Backend users with Editor permissions could craft .less, .sass, or .scss files that leverage the...

CVSS 4.9, AI score 5.9, EPSS 0.00246
Exploits: 0, References: 2, Affected software: 1