Lucene search
K

354 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 10:5 a.m.7 views

CVE-2019-20833

An issue was discovered in Foxit PhantomPDF before 8.3.10. It has mishandling of cloud credentials, as demonstrated by Google Drive...

7.5CVSS7AI score0.01488EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:28 a.m.10 views

CVE-2023-49769

Cross-Site Request Forgery CSRF vulnerability in SoftLab Integrate Google Drive.This issue affects Integrate Google Drive: from n/a through 1.3.4...

8.8CVSS8.5AI score0.00259EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2025/12/18 5:34 p.m.12 views

China-Aligned Threat Group Uses Windows Group Policy to Deploy Espionage Malware

A previously undocumented China-aligned threat cluster dubbed LongNosedGoblin has been attributed to a series of cyber attacks targeting governmental entities in Southeast Asia and Japan. The end goal of these attacks is cyber espionage, Slovak cybersecurity company ESET said in a report publishe...

7.7AI score
Exploits0
The Hacker News
The Hacker News
added 2025/12/11 1:16 p.m.22 views

NANOREMOTE Malware Uses Google Drive API for Hidden Control on Windows Systems

Cybersecurity researchers have disclosed details of a new fully-featured Windows backdoor called NANOREMOTE that uses the Google Drive API for command-and-control C2 purposes. According to a report from Elastic Security Labs, the malware shares code similarities with another implant codenamed...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2025/12/05 5:53 p.m.12 views

Zero-Click Agentic Browser Attack Can Delete Entire Google Drive Using Crafted Emails

A new agentic browser attack targeting Perplexity's Comet browser that's capable of turning a seemingly innocuous email into a destructive action that wipes a user's entire Google Drive contents, findings from Straiker STAR Labs show. The zero-click Google Drive Wiper technique hinges on connecti...

7AI score
Exploits0
Fedora
Fedora
added 2025/12/03 12:59 a.m.9 views

[SECURITY] Fedora 43 Update: rclone-1.72.0-1.fc43

"rsync for cloud storage" - Google Drive, S3, Dropbox, Backblaze B2, One Driv e, Swift, Hubic, Wasabi, Google Cloud Storage, Azure Blob, Azure Files, Yandex Files...

7.5CVSS7AI score0.00626EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/11/28 2:54 a.m.11 views

CVE-2025-12666

The Google Drive upload and download link plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'link' parameter of the 'atachfilegoogle' shortcode in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for...

6.4CVSS5.2AI score0.00189EPSS
Exploits0References1
EUVD
EUVD
added 2025/11/27 3:30 a.m.4 views

EUVD-2025-199789

The Google Drive upload and download link plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'link' parameter of the 'atachfilegoogle' shortcode in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for...

6.4CVSS4.8AI score0.00189EPSS
Exploits0References4
NVD
NVD
added 2025/11/27 3:15 a.m.13 views

CVE-2025-12666

The Google Drive upload and download link plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'link' parameter of the 'atachfilegoogle' shortcode in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for...

6.4CVSS0.00189EPSS
Exploits0References3
CVE
CVE
added 2025/11/27 2:26 a.m.24 views

CVE-2025-12666

CVE-2025-12666 in the WordPress plugin “Google Drive upload and download link” is a Stored Cross‑Site Scripting flaw via the 'link' parameter of the atachfilegoogle shortcode. Root cause: insufficient input sanitization and output escaping. Affected since versions up to and including 1.0. Impact:...

6.4CVSS4.9AI score0.00189EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/11/27 2:26 a.m.12 views

CVE-2025-12666 Google Drive upload and download link <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Google Drive upload and download link plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'link' parameter of the 'atachfilegoogle' shortcode in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for...

6.4CVSS0.00189EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/11/27 2:26 a.m.6 views

CVE-2025-12666 Google Drive upload and download link <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Google Drive upload and download link plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'link' parameter of the 'atachfilegoogle' shortcode in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for...

6.4CVSS4.9AI score0.00189EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/11/27 12:0 a.m.9 views

PT-2025-48219

The Google Drive upload and download link plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'link' parameter of the 'atachfilegoogle' shortcode in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for...

6.4CVSS5.2AI score0.00189EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/11/27 12:0 a.m.4 views

WordPress plugin Google Drive upload and download link 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...

6.4CVSS5.9AI score0.00189EPSS
Exploits0References3
Patchstack
Patchstack
added 2025/11/26 11:50 p.m.6 views

WordPress Google Drive upload and download link plugin <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by zakaria in WordPress Plugin Google Drive upload and download link versions = 1.0...

6.4CVSS5.9AI score0.00189EPSS
Exploits0References1Affected Software1
CNVD
CNVD
added 2025/11/11 12:0 a.m.3 views

WordPress plugin integrate-google-drive information disclosure vulnerability

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. WordPress plugin integrate-google-drive has an information disclosure vulnerability, the...

7.5CVSS5.8AI score0.02362EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/11/06 7:17 a.m.4 views

CVE-2025-12139

The File Manager for Google Drive – Integrate Google Drive with WordPress plugin for WordPress is vulnerable to sensitive information exposure in all versions up to, and including, 1.5.3 via the "getlocalizedata" function. This makes it possible for unauthenticated attackers to extract sensitive...

7.5CVSS5.7AI score0.02362EPSS
Exploits0References1
NVD
NVD
added 2025/11/05 7:15 a.m.5 views

CVE-2025-12139

The File Manager for Google Drive – Integrate Google Drive with WordPress plugin for WordPress is vulnerable to sensitive information exposure in all versions up to, and including, 1.5.3 via the "getlocalizedata" function. This makes it possible for unauthenticated attackers to extract sensitive...

7.5CVSS0.02362EPSS
Exploits0References5
CVE
CVE
added 2025/11/05 6:35 a.m.30 views

CVE-2025-12139

The CVE-2025-12139 vulnerability affects the File Manager for Google Drive – Integrate Google Drive with WordPress plugin for WordPress. The issue, present in all versions up to 1.5.3, stems from improper protection of the get_localize_data function and enables unauthenticated attackers to exfilt...

7.5CVSS5.3AI score0.02362EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2025/11/05 6:35 a.m.3 views

CVE-2025-12139 File Manager for Google Drive – Integrate Google Drive with WordPress <= 1.5.3 - Unauthenticated Sensitive Information Exposure

The File Manager for Google Drive – Integrate Google Drive with WordPress plugin for WordPress is vulnerable to sensitive information exposure in all versions up to, and including, 1.5.3 via the "getlocalizedata" function. This makes it possible for unauthenticated attackers to extract sensitive...

7.5CVSS5.3AI score0.02362EPSS
Exploits0References5
Rows per page
Query Builder