CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

13 matches found

RedhatCVE•added 2026/01/07 9:15 a.m.•3 views

CVE-2024-2801

The Shopkeeper Extender plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'imageslide' shortcode in all versions up to, and including, 3.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

6.4CVSS6.1AI score0.00126EPSS

Exploits0References1

SUSE CVE•added 2025/05/08 11:41 a.m.•1 views

SUSE CVE-2025-32777

Volcano is a Kubernetes-native batch scheduling system. Prior to versions 1.11.2, 1.10.2, 1.9.1, 1.11.0-network-topology-preview.3, and 1.12.0-alpha.2, attacker compromise of either the Elastic service or the extender plugin can cause denial of service of the scheduler. This is a privilege...

8.2CVSS6.7AI score0.00652EPSS

Exploits0References3

NVD•added 2025/04/30 7:15 p.m.•10 views

CVE-2025-32777

8.2CVSS0.00652EPSS

Exploits0References6

Snyk•added 2025/04/30 6:42 p.m.•2 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling when using either the Elastic service or the extender plugin. An attacker can cause the scheduler to crash or become completely unavailable to the cluster. This is only exploitable if...

8.9CVSS7AI score0.00652EPSS

Exploits0References3

Vulnrichment•added 2025/04/30 6:27 p.m.•4 views

CVE-2025-32777 Volcano Scheduler Denial of Service via Unbounded Response from Elastic Service/extender Plugin

8.2CVSS6.4AI score0.00652EPSS

Exploits0References6

Cvelist•added 2025/04/30 6:27 p.m.•19 views

CVE-2025-32777 Volcano Scheduler Denial of Service via Unbounded Response from Elastic Service/extender Plugin

8.2CVSS0.00652EPSS

Exploits0References6

Github Security Blog•added 2025/04/30 4:40 p.m.•7 views

Volcano Scheduler Denial of Service via Unbounded Response from Elastic Service/extender Plugin

Impact This issue allows an attacker who has compromised either the Elastic service or the extender plugin to cause denial of service of the scheduler. This is a privilege escalation, because Volcano users may run their Elastic service and extender plugins in separate pods or nodes from the...

8.2CVSS6.7AI score0.00652EPSS

Exploits0References14Affected Software1

OSV•added 2025/04/30 4:40 p.m.•8 views

GHSA-HG79-FW4P-25P8 Volcano Scheduler Denial of Service via Unbounded Response from Elastic Service/extender Plugin

7.2CVSS6.8AI score0.00652EPSS

Exploits0References14

CNNVD•added 2024/11/11 12:0 a.m.•1 views

WordPress plugin Extender All In One For Elementor 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site scripting vulnerability exists in...

6.5CVSS6AI score0.00156EPSS

Exploits0References2

Positive Technologies•added 2024/11/10 12:0 a.m.•2 views

PT-2024-34718 · Unknown · Extender All In One For Elementor

Name of the Vulnerable Software and Affected Versions: Extender All In One For Elementor versions 1.0.3 and earlier Description: The issue is related to an Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS, which allows Stored XSS. This means that...

6.5CVSS6.4AI score0.00156EPSS

Exploits0References6

CNNVD•added 2024/04/03 12:0 a.m.•3 views

WordPress Plugin Slivery Extender 代码注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, which supports personal blogs on PHP and MySQL servers.WordPress plugin is an...

8.5CVSS8.7AI score0.01009EPSS

Exploits0References2