Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

20 matches found

EUVD
EUVDadded 2025/10/03 8:7 p.m.2 views

EUVD-2025-24920

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.00051EPSS
Exploits0References1
EUVD
EUVDadded 2025/10/03 8:7 p.m.1 views

EUVD-2025-8706

Malicious code in bioql PyPI...

6.5CVSS9AI score0.00204EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/08/16 7:23 p.m.12 views

CVE-2025-54749

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Crocoblock JetProductGallery jet-woo-product-gallery allows Stored XSS.This issue affects JetProductGallery: from n/a through = 2.2.0.2...

6.5CVSS5.9AI score0.00051EPSS
Exploits0References1
NVD
NVDadded 2025/08/14 7:15 p.m.3 views

CVE-2025-54749

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Crocoblock JetProductGallery jet-woo-product-gallery allows Stored XSS.This issue affects JetProductGallery: from n/a through = 2.2.0.2...

6.5CVSS0.00051EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2025/08/14 6:21 p.m.4 views

CVE-2025-54749 WordPress JetProductGallery Plugin <= 2.2.0.2 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Crocoblock JetProductGallery allows Stored XSS. This issue affects JetProductGallery: from n/a through 2.2.0.2...

6.5CVSS6.9AI score0.00051EPSS
Exploits0References1
CVE
CVEadded 2025/08/14 6:21 p.m.12 views

CVE-2025-54749

CVE-2025-54749 is a Stored XSS in Crocoblock JetProductGallery (WordPress plugin) affecting versions up to and including 2.2.0.2. The vulnerability stems from improper neutralization of input during web page generation, enabling attacker-controlled scripts to be stored and served to users. Affect...

6.5CVSS5.9AI score0.00051EPSS
Exploits0References1
Cvelist
Cvelistadded 2025/08/14 6:21 p.m.10 views

CVE-2025-54749 WordPress JetProductGallery Plugin <= 2.2.0.2 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Crocoblock JetProductGallery jet-woo-product-gallery allows Stored XSS.This issue affects JetProductGallery: from n/a through = 2.2.0.2...

6.5CVSS0.00051EPSS
Exploits0References1
Patchstack
Patchstackadded 2025/08/14 2:42 p.m.5 views

WordPress JetProductGallery Plugin <= 2.2.0.2 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by stealthcopter in WordPress Plugin JetProductGallery versions = 2.2.0.2...

6.5CVSS6AI score0.00051EPSS
Exploits0Affected Software1
CNNVD
CNNVDadded 2025/08/14 12:0 a.m.1 views

WordPress plugin JetProductGallery 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A cross-site...

6.5CVSS6AI score0.00051EPSS
Exploits0References3
Positive Technologies
Positive Technologiesadded 2025/08/14 12:0 a.m.4 views

PT-2025-33395 · WordPress · Crocoblock Jetproductgallery

Name of the Vulnerable Software and Affected Versions: Crocoblock JetProductGallery versions through 2.2.0.2 Description: Improper neutralization of input during web page generation allows for Stored Cross-site Scripting XSS. This issue enables malicious actors to inject scripts into web pages...

6.5CVSS5.9AI score0.00051EPSS
Exploits0References4
RedhatCVE
RedhatCVEadded 2025/04/02 6:31 a.m.13 views

CVE-2025-31412

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Crocoblock JetProductGallery jet-woo-product-gallery allows DOM-Based XSS.This issue affects JetProductGallery: from n/a through = 2.1.22...

6.5CVSS7.2AI score0.00204EPSS
Exploits0References1
NVD
NVDadded 2025/03/31 6:15 a.m.8 views

CVE-2025-31412

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Crocoblock JetProductGallery jet-woo-product-gallery allows DOM-Based XSS.This issue affects JetProductGallery: from n/a through = 2.1.22...

6.5CVSS0.00204EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2025/03/31 6:7 a.m.8 views

CVE-2025-31412 WordPress JetProductGallery plugin <= 2.1.22 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in NotFound JetProductGallery allows DOM-Based XSS. This issue affects JetProductGallery: from n/a through 2.1.22...

6.5CVSS6.9AI score0.00204EPSS
Exploits0References1
Cvelist
Cvelistadded 2025/03/31 6:7 a.m.12 views

CVE-2025-31412 WordPress JetProductGallery plugin <= 2.1.22 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Crocoblock JetProductGallery jet-woo-product-gallery allows DOM-Based XSS.This issue affects JetProductGallery: from n/a through = 2.1.22...

6.5CVSS0.00204EPSS
Exploits0References1
CVE
CVEadded 2025/03/31 6:7 a.m.54 views

CVE-2025-31412

JetProductGallery (JetProductGallery) plugin for WordPress has a DOM-based XSS (CVE-2025-31412) affecting versions up to 2.1.22. Exploitation requires authentication (Contributor+). Patch available in 2.1.22; upgrade to 2.1.22 or later to remediate. This aligns with linked Wordfence details indic...

6.5CVSS7.2AI score0.00204EPSS
Exploits0References1
CNNVD
CNNVDadded 2025/03/31 12:0 a.m.2 views

WordPress plugin JetProductGallery 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A cross-site...

6.5CVSS7.9AI score0.00204EPSS
Exploits0References1
Patchstack
Patchstackadded 2025/03/29 11:42 p.m.2 views

WordPress JetProductGallery plugin <= 2.1.22 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by stealthcopter Patchstack Alliance in WordPress Plugin JetProductGallery versions = 2.1.22...

6.5CVSS6.1AI score0.00204EPSS
Exploits0Affected Software1
Patchstack
Patchstackadded 2023/11/28 12:0 a.m.11 views

WordPress JetProductGallery Plugin <= 2.1.13.1 is vulnerable to Broken Access Control

Software JetProductGallery Type Plugin Vulnerable versions = 2.1.13.1 Fixed in 2.1.13.2 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-48761 Patch priority Medium CVSS severity Medium 6.3 Developer Crocoblock PSID 626a1cf871b6 Credits Rafie Muhammad...

6.3CVSS6.8AI score0.00104EPSS
Exploits0References1Affected Software1
Patchstack
Patchstackadded 2023/11/28 12:0 a.m.15 views

WordPress JetProductGallery Plugin <= 2.1.13.1 is vulnerable to Broken Access Control

Software JetProductGallery Type Plugin Vulnerable versions = 2.1.13.1 Fixed in 2.1.13.2 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-48760 Patch priority Medium CVSS severity Medium 8.2 Developer Crocoblock PSID 7e68b6745d20 Credits Rafie Muhammad...

9.8CVSS6.8AI score0.00255EPSS
Exploits0References1Affected Software1
Patchstack
Patchstackadded 2023/11/28 12:0 a.m.8 views

WordPress JetProductGallery Plugin <= 2.1.13.1 is vulnerable to Cross Site Request Forgery (CSRF)

Software JetProductGallery Type Plugin Vulnerable versions = 2.1.13.1 Fixed in 2.1.13.2 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-48762 Patch priority Low CVSS severity Low 6.3 Developer Crocoblock PSID 150144abe99d Credits Rafie Muhammad...

8.8CVSS7AI score0.00068EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder