Lucene search
K

4 matches found

Cvelist
Cvelist
added 2025/05/28 7:23 a.m.14 views

CVE-2025-5082 WP Attachments <= 5.0.12 - Reflected Cross-Site Scripting via attachment_id Parameter

The WP Attachments plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘attachmentid’ parameter in all versions up to, and including, 5.0.12 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrar...

6.1CVSS0.00275EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2024/10/27 12:0 a.m.5 views

PT-2024-34362 · Unknown · Ironman Powershell Universal

Name of the Vulnerable Software and Affected Versions: Ironman PowerShell Universal versions prior to 5.0.12 Description: The issue allows an authenticated attacker to elevate their privileges and view job information. Recommendations: For versions prior to 5.0.12, update to version 5.0.12 or lat...

8.8CVSS7AI score0.00426EPSS
Exploits0References3
OSV
OSV
added 2024/08/27 7:15 a.m.5 views

CVE-2024-7304

The Ninja Tables – Easiest Data Table Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 5.0.12 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

5.4CVSS5.9AI score0.00363EPSS
Exploits0References5
OSV
OSV
added 2022/01/12 6:15 p.m.7 views

CVE-2022-0015

A local privilege escalation PE vulnerability exists in the Palo Alto Networks Cortex XDR agent that enables an authenticated local user to execute programs with elevated privileges. This issue impacts: Cortex XDR agent 5.0 versions earlier than Cortex XDR agent 5.0.12; Cortex XDR agent 6.1...

7.8CVSS7.2AI score0.00229EPSS
Exploits0References1
Rows per page
Query Builder