Lucene search
K

21 matches found

NVD
NVD
added 2026/06/26 3:16 p.m.5 views

CVE-2026-57642

Contributor SQL Injection in Gallery = 4.7.8 versions...

8.5CVSS0.00211EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/26 2:53 p.m.5 views

EUVD-2026-39757

Contributor SQL Injection in Gallery = 4.7.8 versions...

8.5CVSS5.8AI score0.00211EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/06/26 12:30 p.m.6 views

WordPress Gallery plugin <= 4.7.8 - SQL Injection vulnerability

SQL Injection vulnerability discovered by dodoh4t in WordPress Plugin Gallery versions = 4.7.8...

8.5CVSS5.8AI score0.00211EPSS
Exploits0Affected Software1
OSV
OSV
added 2026/03/27 9:5 p.m.5 views

CVE-2026-33938 Handlebars.js has JavaScript Injection via AST Type Confusion by tampering @partial-block

Handlebars provides the power necessary to let users build semantic templates. In versions 4.0.0 through 4.7.8, the @partial-block special variable is stored in the template data context and is reachable and mutable from within a template via helpers that accept arbitrary objects. When a helper...

8.1CVSS6.2AI score0.00709EPSS
Exploits1References10
Cvelist
Cvelist
added 2026/03/27 9:3 p.m.25 views

CVE-2026-33937 Handlebars.js has JavaScript Injection via AST Type Confusion

Handlebars provides the power necessary to let users build semantic templates. In versions 4.0.0 through 4.7.8, Handlebars.compile accepts a pre-parsed AST object in addition to a template string. The value field of a NumberLiteral AST node is emitted directly into the generated JavaScript withou...

9.8CVSS0.0178EPSS
Exploits2References3
Patchstack
Patchstack
added 2026/02/01 1:15 p.m.7 views

WordPress rtMedia for WordPress, BuddyPress and bbPress plugin <= 4.7.8 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Doan Dinh Van in WordPress Plugin rtMedia for WordPress, BuddyPress and bbPress versions = 4.7.8...

5.3CVSS5.5AI score0.00316EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2025/12/10 3:13 p.m.7 views

CVE-2025-63059

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in arscode Ninja Popups arscode-ninja-popups allows Stored XSS.This issue affects Ninja Popups: from n/a through = 4.7.8...

6.5CVSS6AI score0.00212EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/11/07 5:33 p.m.4 views

CVE-2025-54737

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in NooTheme Jobmonster noo-jobmonster allows Reflected XSS.This issue affects Jobmonster: from n/a through = 4.7.8...

7.1CVSS6.4AI score0.00214EPSS
Exploits0References1
NVD
NVD
added 2025/11/06 4:15 p.m.5 views

CVE-2025-54737

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in NooTheme Jobmonster noo-jobmonster allows Reflected XSS.This issue affects Jobmonster: from n/a through = 4.7.8...

7.1CVSS0.00214EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/11/06 3:54 p.m.12 views

CVE-2025-54737 WordPress Jobmonster theme <= 4.7.8 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in NooTheme Jobmonster noo-jobmonster allows Reflected XSS.This issue affects Jobmonster: from n/a through = 4.7.8...

7.1CVSS0.00214EPSS
Exploits0References1
CVE
CVE
added 2025/11/06 3:54 p.m.11 views

CVE-2025-54737

CVE-2025-54737 describes a Reflected XSS in NooTheme Jobmonster/noo-jobmonster due to improper input neutralization during web page generation, affecting WordPress Jobmonster theme

7.1CVSS6AI score0.00214EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/11/06 12:0 a.m.5 views

WordPress plugin Jobmonster 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

7.1CVSS6AI score0.00214EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/08/31 11:22 a.m.5 views

WordPress Jobmonster theme <= 4.7.8 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Ananda Dhakal Patchstack in WordPress Theme Jobmonster versions = 4.7.8...

7.1CVSS6.1AI score0.00214EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/07/23 12:27 p.m.7 views

WordPress Jobmonster theme <= 4.7.8 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Jobmonster versions = 4.7.8...

7.1CVSS6.1AI score0.0028EPSS
Exploits0Affected Software1
OSV
OSV
added 2025/02/26 1:29 p.m.14 views

SUSE-SU-2025:0723-1 Security update for vim

This update for vim fixes the following issues: Update to version 9.1.1101: - CVE-2024-43790: possible out-of-bounds read when performing a search command bsc1229685. - CVE-2024-43802: heap buffer overflow due to incorrect flushing of the typeahead buffer bsc1229822. - CVE-2024-45306: heap buffer...

7.8CVSS5AI score0.00531EPSS
Exploits1References13
CNNVD
CNNVD
added 2024/10/02 12:0 a.m.6 views

Jenkins 安全漏洞

Jenkins is a Jenkins open source application. An open source automation server Jenkins provides hundreds of plugins to support building, deploying and automating any project. A security vulnerability exists in Jenkins 2.478 and earlier and LTS 2.462.2 and earlier, which stems from a failed...

4.3CVSS6.6AI score0.00669EPSS
Exploits0References5
OSV
OSV
added 2024/09/26 5:15 a.m.5 views

CVE-2024-7781

The Jupiter X Core plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 4.7.5. This is due to improper authentication via the Social Login widget. This makes it possible for unauthenticated attackers to log in as the first user to have logged in with a...

9.8CVSS5.9AI score0.00953EPSS
Exploits0References4
OSV
OSV
added 2023/10/09 11:15 a.m.7 views

CVE-2023-44993

Cross-Site Request Forgery CSRF vulnerability in QuantumCloud AI ChatBot plugin = 4.7.8 versions...

8.8CVSS7.3AI score0.00214EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/09/04 12:0 a.m.7 views

WordPress plugin AI ChatBot cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

4.8CVSS6AI score0.00408EPSS
Exploits2References2
Circl
Circl
added 2023/05/12 6:27 p.m.8 views

CVE-2022-47880

creationtimestamp| type| source ---|---|--- 2023-05-12 18:27:09+00:00| seen| https://t.me/cibsecurity/64023...

6.8CVSS5.5AI score0.02902EPSS
Exploits4References1
Rows per page
Query Builder