Lucene search
K

234 matches found

Wired Threat Level
Wired Threat Level
added 2026/04/26 3:26 a.m.12 views

California Engineer Identified in Suspected Shooting at White House Correspondents’ Dinner

A 31-year-old engineer and self-described indie game developer is suspected of firing shots at the annual event attended by President Donald Trump, high-profile media figures, and US government officials...

5.3AI score
Exploits0
OSV
OSV
added 2026/01/20 9:3 a.m.6 views

RLSA-2026:0756 Moderate: transfig security update

The transfig utility creates a makefile which translates FIG created by xfig or PIC figures into a specified LaTeX graphics language for example, PostScriptTM. Transfig is used to create TeX documents which are portable i.e., they can be printed in a wide variety of environments. Install transfig...

7.8CVSS6.5AI score0.00251EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2026/01/09 9:16 a.m.3 views

CVE-2025-14792

The Key Figures plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the kffieldfiguredefaultcolorrender function in all versions up to, and including, 1.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

4.4CVSS5AI score0.00192EPSS
Exploits0References1
NVD
NVD
added 2026/01/07 12:16 p.m.3 views

CVE-2025-14792

The Key Figures plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the kffieldfiguredefaultcolorrender function in all versions up to, and including, 1.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

4.4CVSS0.00192EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/01/07 7:17 a.m.30 views

CVE-2025-14792 Key Figures <= 1.1 - Authenticated (Admin+) Stored Cross-Site Scripting via kf_field_figure_default_color_render

The Key Figures plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the kffieldfiguredefaultcolorrender function in all versions up to, and including, 1.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

4.4CVSS0.00192EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/01/07 7:17 a.m.4 views

CVE-2025-14792 Key Figures <= 1.1 - Authenticated (Admin+) Stored Cross-Site Scripting via kf_field_figure_default_color_render

The Key Figures plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the kffieldfiguredefaultcolorrender function in all versions up to, and including, 1.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

4.4CVSS4.7AI score0.00192EPSS
Exploits0References2
CVE
CVE
added 2026/01/07 7:17 a.m.19 views

CVE-2025-14792

CVE-2025-14792: Key Figures (WordPress) plugin vulnerable to Stored XSS via kf_field_figure_default_color_render in all versions up to 1.1; affects multisite and sites with unfiltered_html disabled. Exploitation requires authenticated admin-level access; payloads execute when users visit the inje...

4.4CVSS4.7AI score0.00192EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/01/07 12:0 a.m.3 views

WordPress plugin Key Figures 安全漏洞

WordPress and the WordPress plugin are products of the WordPress Foundation, a blogging platform developed in the PHP language. WordPress is a blogging platform developed using the PHP language, which provides the ability to host personal blog sites on PHP and MySQL-based servers. A security...

4.4CVSS5.7AI score0.00192EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/01/07 12:0 a.m.23 views

PT-2026-1580

Name of the Vulnerable Software and Affected Versions Key Figures plugin for WordPress versions prior to 1.2 Description The Key Figures plugin for WordPress is susceptible to Stored Cross-Site Scripting through the kf field figure default color render function. Insufficient input sanitization an...

4.4CVSS5.2AI score0.00192EPSS
Exploits0References4
Patchstack
Patchstack
added 2026/01/06 10:15 p.m.8 views

WordPress Key Figures plugin <= 1.1 - Authenticated (Admin+) Stored Cross-Site Scripting via kf_field_figure_default_color_render vulnerability

Authenticated Admin+ Stored Cross-Site Scripting via kffieldfiguredefaultcolorrender vulnerability discovered by afnaan - SMKN 1 Bantul in WordPress Plugin Key Figures versions = 1.1...

4.4CVSS5.6AI score0.00192EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2025/11/13 3:23 a.m.2 views

MAL-2025-186803 Malicious code in eridanus-antimatter-figures-dotenv-safe (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bc9f078e333a05d5703ffb66d84694f1b93317ddb74c0ff6cd1be5c855ec5899 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.3 views

EUVD-2025-178799

Malicious code in gacrux-figures-postcss-fornax npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.3 views

EUVD-2025-178914

Malicious code in figures-middleware-proxima-jabbah npm...

6.6AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.4 views

Malicious code in init-venus-sync-figures (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 41b6e40d812a9363fa5f719d89f8033b005cc387fbeadb50dac11ca6fcd9ba44 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.2 views

EUVD-2025-178918

Malicious code in figures-duplex-magnetar-await npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.3 views

EUVD-2025-177333

Malicious code in panspermia-seismology-yildun-figures npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.2 views

EUVD-2025-176708

Malicious code in release-it-nova-orbit-figures npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.2 views

EUVD-2025-178440

Malicious code in impulse-dependencies-spinner-figures npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.1 views

EUVD-2025-178920

Malicious code in figures-betelgeuse-ethology-magellan npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.1 views

EUVD-2025-178919

Malicious code in figures-duplex-halley-vuetify npm...

6.6AI score
Exploits0
Rows per page
Query Builder