Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

OSV
OSVadded 2026/01/22 6:16 p.m.3 views

CVE-2025-56590

An issue was discovered in the InsertFromURL function of the Apryse HTML2PDF SDK thru 11.10. This vulnerability could allow an attacker to execute arbitrary operating system commands on the local server...

9.8CVSS6AI score0.00038EPSS
Exploits1References2
ATTACKERKB
ATTACKERKBadded 2026/01/22 12:0 a.m.1 views

CVE-2025-56590

An issue was discovered in the InsertFromURL function of the Apryse HTML2PDF SDK thru 11.10. This vulnerability could allow an attacker to execute arbitrary operating system commands on the local server...

9.8CVSS5.9AI score0.00038EPSS
Exploits1References3
Positive Technologies
Positive Technologiesadded 2026/01/22 12:0 a.m.4 views

PT-2026-3990

Name of the Vulnerable Software and Affected Versions Apryse HTML2PDF SDK versions through 11.10 Description A flaw exists in the InsertFromURL function that may allow an attacker to execute arbitrary operating system commands on the local server. Recommendations Update to a version beyond 11.10...

9.8CVSS5.8AI score0.00038EPSS
Exploits1References6
ATTACKERKB
ATTACKERKBadded 2022/07/30 8:15 p.m.2 views

CVE-2022-33994

The Gutenberg plugin through 13.7.3 for WordPress allows stored XSS by the Contributor role via an SVG document to the "Insert from URL" feature. NOTE: the XSS payload does not execute in the context of the WordPress instance's domain; however, analogous attempts by low-privileged users to...

3CVSS5.9AI score0.00289EPSS
Exploits1References3
NVD
NVDadded 2022/07/30 8:15 p.m.6 views

CVE-2022-33994

The Gutenberg plugin through 13.7.3 for WordPress allows stored XSS by the Contributor role via an SVG document to the "Insert from URL" feature. NOTE: the XSS payload does not execute in the context of the WordPress instance's domain; however, analogous attempts by low-privileged users to...

3CVSS0.00289EPSS
Exploits1References2
CVE
CVEadded 2022/07/30 7:27 p.m.54 views

CVE-2022-33994

CVE-2022-33994 affects the WordPress Gutenberg plugin up to version 13.7.3. The vulnerability is a stored XSS via the SVG document when using the Insert from URL feature, exploitable by a Contributor, with the XSS payload not executing in the WordPress domain context. The description notes that s...

3CVSS3.9AI score0.00289EPSS
Exploits1References2Affected Software1
Positive Technologies
Positive Technologiesadded 2022/07/30 12:0 a.m.1 views

PT-2022-21956 · WordPress · Gutenberg

Name of the Vulnerable Software and Affected Versions: Gutenberg plugin versions through 13.7.3 for WordPress Description: The issue allows stored XSS by the Contributor role via an SVG document to the "Insert from URL" feature. The XSS payload does not execute in the context of the WordPress...

3CVSS3.7AI score0.00289EPSS
Exploits1References5
CNNVD
CNNVDadded 2022/07/30 12:0 a.m.1 views

WordPress plugin Gutenberg 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

3CVSS4.7AI score0.00289EPSS
Exploits1References4
Rows per page
Query Builder