Lucene search
K

67 matches found

Nuclei
Nuclei
added 19 hours ago39 views

Infographic Maker iList < 4.3.8 - SQL Injection

The Infographic Maker WordPress plugin before 4.3.8 does not validate and escape the postid parameter before using it in a SQL statement via the qcldupvoteaction AJAX action available to unauthenticated and authenticated users, leading to an unauthenticated SQL Injection. id: CVE-2022-0747 info:...

9.8CVSS7.2AI score0.15254EPSS
Exploits2References5
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/19 12:0 a.m.11 views

Malicious code in @antv/infographic (npm)

Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...

5.8AI score
Exploits0References5
vulnersOsv
vulnersOsv
added 2026/05/18 9:0 p.m.6 views

@als-tp/als-react-ts-ui (>=0.10.1 <=0.16.0), @axiom-lattice/react-sdk (>=2.1.17 <=2.1.82) +10 more potentially affected by unknown CVE via @antv/infographic (>=0.2.16 <=0.2.2)

@antv/infographic NPM version =0.2.16, =0.10.1, =2.1.17, =0.1.1, =0.3.2, =0.1.0, =0.0.1, =0.1.0, =1.0.1, =1.0.0, =1.0.0, =1.3.0, =2.0.0 Source cves: unknown CVE Source advisory: SNYK:JS-ANTVINFOGRAPHIC-16754349...

5.7AI score
Exploits0
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-47001

Malicious code in bioql PyPI...

4.3CVSS6.5AI score0.00323EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2024-30483

Malicious code in bioql PyPI...

6.5CVSS6.4AI score0.00339EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 10:18 a.m.7 views

CVE-2024-32696

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in QuantumCloud Infographic Maker – iList allows Stored XSS.This issue affects Infographic Maker – iList: from n/a through 4.6.6...

6.5CVSS5.2AI score0.00339EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 9:19 a.m.4 views

CVE-2024-5858

The AI Infographic Maker plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the qcldopenaititlegeneratedesc AJAX action in all versions up to, and including, 4.7.4. This makes it possible for authenticated attackers, with Subscriber-level...

4.3CVSS5.3AI score0.00323EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:55 a.m.7 views

CVE-2024-12415

The The AI Infographic Maker plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 4.9.0. This is due to the software allowing users to execute an action that does not properly validate a value before running doshortcode. This makes it possible...

6.5CVSS7.6AI score0.00463EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:27 p.m.9 views

CVE-2022-0747

The Infographic Maker WordPress plugin before 4.3.8 does not validate and escape the postid parameter before using it in a SQL statement via the qcldupvoteaction AJAX action available to unauthenticated and authenticated users, leading to an unauthenticated SQL Injection...

9.8CVSS7.5AI score0.15254EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2025/01/31 11:11 a.m.7 views

CVE-2024-12415 AI Infographic Maker <= 4.9.0 - Unauthenticated Arbitrary Shortcode Execution

The The AI Infographic Maker plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 4.9.0. This is due to the software allowing users to execute an action that does not properly validate a value before running doshortcode. This makes it possible...

6.5CVSS6.7AI score0.00463EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/01/31 11:11 a.m.21 views

CVE-2024-12415 AI Infographic Maker <= 4.9.0 - Unauthenticated Arbitrary Shortcode Execution

The The AI Infographic Maker plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 4.9.0. This is due to the software allowing users to execute an action that does not properly validate a value before running doshortcode. This makes it possible...

6.5CVSS0.00463EPSS
Exploits0References4
CVE
CVE
added 2025/01/31 11:11 a.m.61 views

CVE-2024-12415

CVE-2024-12415 : The WordPress AI Infographic Maker plugin is vulnerable to unauthenticated arbitrary shortcode execution in all versions up to and including 4.9.0. The flaw arises from executing a value via do_shortcode without proper validation, enabling attackers to run arbitrary shortcodes. A...

6.5CVSS7.7AI score0.00463EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/01/31 12:0 a.m.6 views

WordPress plugin The AI Infographic Maker 代码注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A code injection vulnerabilit...

6.5CVSS9.3AI score0.00463EPSS
Exploits0References4
Patchstack
Patchstack
added 2025/01/30 11:33 p.m.5 views

WordPress AI Infographic Maker plugin <= 4.9.0 - Unauthenticated Arbitrary Shortcode Execution vulnerability

Unauthenticated Arbitrary Shortcode Execution vulnerability discovered by Arkadiusz Hydzik in WordPress Plugin Infographic Maker – iList versions = 4.9.0...

6.5CVSS7.1AI score0.00463EPSS
Exploits0References1Affected Software1
Packet Storm
Packet Storm
added 2025/01/12 12:0 a.m.201 views

CISA: U.S. Electoral Process Infographic - Spanish Translation

System About Files News Vote Help | Services API Advertise Contact | Account Join Login ---|---|---...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2025/01/12 12:0 a.m.131 views

CISA: Business Case for Security Infographic

System About Files News Vote Help | Services API Advertise Contact | Account Join Login ---|---|---...

7.4AI score
Exploits0
Vulnrichment
Vulnrichment
added 2024/06/15 8:42 a.m.14 views

CVE-2024-5858 Infographic Maker iList <= 4.7.4 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Title Update

The AI Infographic Maker plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the qcldopenaititlegeneratedesc AJAX action in all versions up to, and including, 4.7.4. This makes it possible for authenticated attackers, with Subscriber-level...

4.3CVSS6.6AI score0.00323EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/06/15 8:42 a.m.22 views

CVE-2024-5858 Infographic Maker iList <= 4.7.4 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Title Update

The AI Infographic Maker plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the qcldopenaititlegeneratedesc AJAX action in all versions up to, and including, 4.7.4. This makes it possible for authenticated attackers, with Subscriber-level...

4.3CVSS0.00323EPSS
Exploits0References3
CVE
CVE
added 2024/06/15 8:42 a.m.58 views

CVE-2024-5858

CVE-2024-5858 affects the AI Infographic Maker (Infographic Maker – iList) WordPress plugin. The vulnerability arises from a missing capability check on the qcld_openai_title_generate_desc AJAX action, allowing authenticated attackers with Subscriber+ access to modify arbitrary post titles in all...

4.3CVSS4.8AI score0.00323EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/06/15 12:0 a.m.3 views

WordPress plugin AI Infographic Maker security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

4.3CVSS6.5AI score0.00323EPSS
Exploits0References4
Rows per page
Query Builder