Lucene search
K

4 matches found

EUVD
EUVD
added 2026/06/16 4:30 a.m.15 views

EUVD-2026-37033

The Premmerce Dev Tools plugin for WordPress is vulnerable to Remote Code Execution via missing authorization in versions up to and including 2.0. This is due to the 'generatePluginHandler' function lacking any authorization check before processing user-supplied POST data, combined with the...

8.8CVSS6.6AI score0.00607EPSS
Exploits0References7
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/11 12:34 a.m.17 views

Malicious code in @common-stack/generate-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 15f30b45b6ea31758071424512b5ad882005c2a2f55740597fb8122c59a448d1 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

5.9AI score
Exploits0References11
Snyk
Snyk
added 2026/04/03 10:21 p.m.5 views

Server-side Request Forgery (SSRF)

Overview prompts.chat is a Developer toolkit for AI prompts - build, validate, parse, and connect to prompts.chat Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the Wiro media-generate plugin. An attacker can access internal network resources and exfiltra...

5.3CVSS5.8AI score0.00195EPSS
Exploits0References2
Patchstack
Patchstack
added 2024/10/21 8:3 a.m.5 views

WordPress Code Generate plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Mika Patchstack Alliance in WordPress Plugin Code Generate versions = 1.0...

7.1CVSS6.2AI score0.00275EPSS
Exploits0Affected Software1
Rows per page
Query Builder