Lucene search
+L

119 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-28573

Malicious code in bioql PyPI...

6.4CVSS6.5AI score0.00208EPSS
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/09/26 9:30 a.m.4 views

Malicious code in example-infinite-scroll (npm)

--- -= Per source details. Do not edit below this line.=-...

7AI score
Exploits0
OSV
OSV
added 2025/09/26 9:30 a.m.3 views

MAL-2025-47664 Malicious code in example-infinite-scroll (npm)

--- -= Per source details. Do not edit below this line.=-...

7AI score
Exploits0
OSV
OSV
added 2025/06/26 2:15 a.m.5 views

CVE-2025-5488

The WP Masonry & Infinite Scroll plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wmis' shortcode in all versions up to, and including, 2.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

5.4CVSS6AI score0.00208EPSS
Exploits0References3
CVE
CVE
added 2025/06/26 1:44 a.m.28 views

CVE-2025-5488

CVE-2025-5488 affects the WordPress plugin WP Masonry & Infinite Scroll. The vulnerability is a Stored Cross-Site Scripting (XSS) in the plugin’s wmis shortcode, present in all versions up to and including 2.2, caused by insufficient input sanitization and output escaping on user-supplied attribu...

6.4CVSS5.8AI score0.00208EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2025/06/26 12:0 a.m.5 views

WordPress plugin WP Masonry & Infinite Scroll 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

6.4CVSS5.8AI score0.00208EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/06/19 3:20 p.m.9 views

CVE-2025-49451

Path Traversal: '.../...//' vulnerability in yannisraft Aeroscroll Gallery – Infinite Scroll Image Gallery & Post Grid with Photo Gallery aeroscroll-gallery allows Path Traversal.This issue affects Aeroscroll Gallery – Infinite Scroll Image Gallery & Post Grid with Photo Gallery: from n/a through...

7.5CVSS5.9AI score0.00448EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/06/19 2:26 a.m.11 views

CVE-2025-4775

The WordPress Infinite Scroll – Ajax Load More plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the data-button-label HTML attribute in all versions up to, and including, 7.4.0.1 due to insufficient input sanitization and output escaping. This makes it possible for...

6.4CVSS5.7AI score0.00186EPSS
Exploits0References1
NVD
NVD
added 2025/06/17 3:15 p.m.6 views

CVE-2025-49451

Path Traversal: '.../...//' vulnerability in yannisraft Aeroscroll Gallery – Infinite Scroll Image Gallery & Post Grid with Photo Gallery aeroscroll-gallery allows Path Traversal.This issue affects Aeroscroll Gallery – Infinite Scroll Image Gallery & Post Grid with Photo Gallery: from n/a through...

7.5CVSS0.00448EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2025/06/17 3:1 p.m.4 views

CVE-2025-49451

Path Traversal: '.../...//' vulnerability in yannisraft Aeroscroll Gallery – Infinite Scroll Image Gallery & Post Grid with Photo Gallery aeroscroll-gallery allows Path Traversal.This issue affects Aeroscroll Gallery – Infinite Scroll Image Gallery & Post Grid with Photo Gallery: from n/a through...

7.5CVSS5.2AI score0.00448EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/06/17 1:44 a.m.22 views

CVE-2025-4775 WordPress Infinite Scroll – Ajax Load More <= 7.4.0.1 - Authenticated(Contributor+) Stored Cross-Site Scripting

The WordPress Infinite Scroll – Ajax Load More plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the data-button-label HTML attribute in all versions up to, and including, 7.4.0.1 due to insufficient input sanitization and output escaping. This makes it possible for...

6.4CVSS0.00186EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/06/17 12:0 a.m.14 views

WordPress plugin WordPress Infinite Scroll - Ajax Load More Cross Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin WordPress Infinite...

6.4CVSS5.7AI score0.00186EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/06/17 12:0 a.m.8 views

PT-2025-25607 · WordPress · Wordpress Infinite Scroll – Ajax Load More

Name of the Vulnerable Software and Affected Versions: WordPress Infinite Scroll – Ajax Load More plugin for WordPress versions up to, and including, 7.4.0.1 Description: The issue is related to Stored Cross-Site Scripting via the data-button-label HTML attribute due to insufficient input...

6.4CVSS5.5AI score0.00186EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2025/06/06 6:42 a.m.5 views

CVE-2025-5586 WordPress Ajax Load More and Infinite Scroll <= 1.6.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via id Parameter

The WordPress Ajax Load More and Infinite Scroll plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘id’ parameter in all versions up to, and including, 1.6.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, wit...

6.4CVSS5.9AI score0.0023EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/06/06 12:0 a.m.5 views

WordPress plugin WordPress Ajax Load More and Infinite Scroll 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in...

6.4CVSS6AI score0.0023EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/06/06 12:0 a.m.5 views

PT-2025-24043 · WordPress · Ajax Load More/Infinite Scroll

Name of the Vulnerable Software and Affected Versions: Ajax Load More and Infinite Scroll plugin for WordPress versions up to, and including, 1.6.0 Description: The issue is related to Stored Cross-Site Scripting via the id parameter due to insufficient input sanitization and output escaping. Thi...

6.4CVSS5.9AI score0.0023EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2025/05/23 10:47 a.m.10 views

CVE-2024-10040

The Infinite-Scroll plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.6.2. This is due to missing or incorrect nonce validation on the processajaxedit and processajaxdelete function. This makes it possible for unauthenticated attackers to mak...

5.3CVSS6.4AI score0.00242EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:49 a.m.9 views

CVE-2023-50874

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Darren Cooney WordPress Infinite Scroll – Ajax Load More allows Stored XSS.This issue affects WordPress Infinite Scroll – Ajax Load More: from n/a through 6.1.0.1...

6.5CVSS6.7AI score0.00345EPSS
Exploits0References1
NVD
NVD
added 2024/10/18 5:15 a.m.13 views

CVE-2024-10040

The Infinite-Scroll plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.6.2. This is due to missing or incorrect nonce validation on the processajaxedit and processajaxdelete function. This makes it possible for unauthenticated attackers to mak...

5.3CVSS0.00242EPSS
Exploits0References3
OSV
OSV
added 2024/10/18 5:15 a.m.4 views

CVE-2024-10040

The Infinite-Scroll plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.6.2. This is due to missing or incorrect nonce validation on the processajaxedit and processajaxdelete function. This makes it possible for unauthenticated attackers to mak...

4.3CVSS5.7AI score0.00242EPSS
Exploits0References3
Rows per page
Query Builder