Lucene search
K

190 matches found

Patchstack
Patchstack
added 2024/10/23 12:0 a.m.3 views

Drupal Loft Data Grids module < 7.x-2.7,< 7.x-3.0 - Authenticated Multiple Vulnerabilities

Authenticated Multiple Vulnerabilities discovered by Juraj Nemec in WordPress Module Loft Data Grids versions 7.x-2.7, 7.x-3.0...

7AI score
Exploits0References1Affected Software1
Drupal
Drupal
added 2024/10/23 12:0 a.m.18 views

Loft Data Grids - Moderately critical - Multiple vulnerabilities - SA-CONTRIB-2024-054

This module provides serialization formats for use by other modules. The module includes a version of phpoffice/phpspreadsheet which has multiple known security vulnerabilities...

8.8CVSS6.8AI score0.07791EPSS
Exploits11References8
Patchstack
Patchstack
added 2024/10/23 12:0 a.m.4 views

Drupal Loft Data Grids module < 7.x-2.7,< 7.x-3.0 - Authenticated Cross Site Scripting (XSS) vulnerability

Authenticated Cross Site Scripting XSS vulnerability discovered by Juraj Nemec in WordPress Module Loft Data Grids versions 7.x-2.7,7.x-3.0...

5.4CVSS6.1AI score0.00316EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2024/10/23 12:0 a.m.4 views

Drupal Loft Data Grids module < 7.x-2.7,< 7.x-3.0 - Authenticated Remote Code Execution (RCE) vulnerability

Authenticated Remote Code Execution RCE vulnerability discovered by Juraj Nemec in WordPress Module Loft Data Grids versions 7.x-2.7,7.x-3.0...

8.8CVSS7.5AI score0.00792EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2024/10/23 12:0 a.m.4 views

Drupal Loft Data Grids module < 7.x-2.7,< 7.x-3.0 - Unauthenticated Sensitive Data Exposure vulnerability

Unauthenticated Sensitive Data Exposure vulnerability discovered by Juraj Nemec in WordPress Module Loft Data Grids versions 7.x-2.7,7.x-3.0...

7.5CVSS7AI score0.02859EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2024/10/23 12:0 a.m.5 views

Drupal Loft Data Grids module < 7.x-2.7,< 7.x-3.0 - Unauthenticated Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting XSS vulnerability discovered by Juraj Nemec in WordPress Module Loft Data Grids versions 7.x-2.7,7.x-3.0...

7.1CVSS6.1AI score0.00466EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2024/10/23 12:0 a.m.4 views

Drupal Loft Data Grids module < 7.x-2.7,< 7.x-3.0 - Unauthenticated Sensitive Data Exposure vulnerability

Unauthenticated Sensitive Data Exposure vulnerability discovered by Juraj Nemec in WordPress Module Loft Data Grids versions 7.x-2.7,7.x-3.0...

8.8CVSS7AI score0.0057EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2024/10/23 12:0 a.m.3 views

Drupal Loft Data Grids module < 7.x-2.7,< 7.x-3.0 - Unauthenticated XML External Entity (XXE) vulnerability

Unauthenticated XML External Entity XXE vulnerability discovered by Juraj Nemec in WordPress Module Loft Data Grids versions 7.x-2.7,7.x-3.0...

8.8CVSS7.1AI score0.07791EPSS
Exploits4References1Affected Software1
Patchstack
Patchstack
added 2024/10/23 12:0 a.m.4 views

Drupal Loft Data Grids module < 7.x-2.7,< 7.x-3.0 - Authenticated Content Injection vulnerability

Authenticated Content Injection vulnerability discovered by Juraj Nemec in WordPress Module Loft Data Grids versions 7.x-2.7,7.x-3.0...

5.4CVSS7.2AI score0.00395EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2024/10/23 12:0 a.m.4 views

Drupal Loft Data Grids module < 7.x-2.7,< 7.x-3.0 - Authenticated Broken Access Control vulnerability

Authenticated Broken Access Control vulnerability discovered by Juraj Nemec in WordPress Module Loft Data Grids versions 7.x-2.7,7.x-3.0...

7.7CVSS7AI score0.00579EPSS
Exploits1References1Affected Software1
Wired Threat Level
Wired Threat Level
added 2024/10/21 10:0 a.m.6 views

US Government Says Relying on Chinese Lithium Batteries Is Too Risky

A new document shows the Department of Homeland Security is concerned that Chinese investment in lithium batteries to power energy grids will make them a threat to US supply chain security...

7.2AI score
Exploits0
Imperva Blog
Imperva Blog
added 2024/09/12 7:52 p.m.8 views

Enhancing Security and Compliance in the Energy Sector: Imperva’s Cipher Suite Support

In the energy and utility sector, safeguarding data and ensuring compliance with regulatory standards is paramount. With the increasing digitalization of operations, from smart grids to IoT-enabled devices, the need for robust encryption methods to protect sensitive information has never been...

7.2AI score
Exploits0
NVD
NVD
added 2024/08/18 3:15 p.m.28 views

CVE-2024-43305

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Code Amp Custom Layouts – Post + Product grids made easy allows Stored XSS.This issue affects Custom Layouts – Post + Product grids made easy: from n/a through 1.4.11...

6.5CVSS0.00239EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2024/08/18 3:15 p.m.5 views

CVE-2024-43305

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Code Amp Custom Layouts – Post + Product grids made easy allows Stored XSS.This issue affects Custom Layouts – Post + Product grids made easy: from n/a through 1.4.11...

6.5CVSS5.2AI score0.00239EPSS
Exploits0References2
Patchstack
Patchstack
added 2024/08/16 11:50 a.m.5 views

WordPress Custom Layouts – Post + Product grids made easy plugin <= 1.4.11 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by NGÔ THIÊN AN Patchstack Alliance in WordPress Plugin Custom Layouts – Post + Product grids made easy versions = 1.4.11...

6.5CVSS6.1AI score0.00239EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/08/16 12:0 a.m.14 views

WordPress Custom Layouts – Post + Product grids made easy Plugin <= 1.4.11 is vulnerable to Cross Site Scripting (XSS)

Software Custom Layouts – Post + Product grids made easy Type Plugin Vulnerable versions = 1.4.11 Fixed in 1.4.12 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-43305 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 657faa3ff7c6 Credits Ngô...

6.5CVSS6.6AI score0.00239EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2024/08/01 10:15 p.m.25 views

CVE-2024-39665

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in YMC Filter & Grids allows Stored XSS.This issue affects Filter & Grids: from n/a through 2.9.2...

6.5CVSS0.00289EPSS
Exploits0References1
CVE
CVE
added 2024/08/01 9:34 p.m.45 views

CVE-2024-39665

CVE-2024-39665 is a stored XSS vulnerability in the WordPress plugin Filter & Grids (YMC Smart Filter) up to version 2.9.2, caused by improper neutralization of input during web page generation. Exploitation could arise from stored payloads affecting users; CVSS v3.1 base score is 6.5 (Medium). R...

6.5CVSS6.5AI score0.00289EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/08/01 9:34 p.m.14 views

CVE-2024-39665 WordPress Filter & Grids plugin <= 2.9.2 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in YMC Filter & Grids allows Stored XSS.This issue affects Filter & Grids: from n/a through 2.9.2...

6.5CVSS6.8AI score0.00289EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/08/01 9:34 p.m.15 views

CVE-2024-39665 WordPress Filter & Grids plugin <= 2.9.2 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in YMC Filter & Grids allows Stored XSS.This issue affects Filter & Grids: from n/a through 2.9.2...

6.5CVSS0.00289EPSS
Exploits0References1
Rows per page
Query Builder