Lucene search
K

704 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 2:6 a.m.7 views

CVE-2023-34185

Cross-Site Request Forgery CSRF vulnerability in John Brien WordPress NextGen GalleryView plugin = 0.5.5 versions...

6.5CVSS7.1AI score0.0022EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 12:1 a.m.10 views

CVE-2022-43461

Stored Cross-Site Scripting XSS vulnerability in John West Slideshow SE plugin = 2.5.5 versions...

5.4CVSS5.6AI score0.0038EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:40 p.m.5 views

CVE-2022-41554

Stored Cross-Site Scripting XSS vulnerability in John West Slideshow SE plugin = 2.5.5 versions...

5.4CVSS4.3AI score0.00405EPSS
Exploits0References1
CVE
CVE
added 2025/05/07 2:20 p.m.46 views

CVE-2025-47590

CVE-2025-47590 describes a CSRF vulnerability in WordPress WPSpeed up to version 2.6.5. The available data indicate a CSRF flaw that could enable unauthorized actions on behalf of an authenticated user (attack vector: CSRF; user interaction required per CVSS 3.1 vector). The CVE entry lists a mod...

4.3CVSS7.2AI score0.0014EPSS
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/05/07 4:58 a.m.3 views

Malicious code in @johndeere-tech/eslint-plugin-timbercloud-custom-rules (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 61308d7848e55b8e455ca17307d037a12cbcb121760bacc64d9f8b574c08861d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References3
NVD
NVD
added 2025/04/24 4:15 p.m.15 views

CVE-2025-46465

Cross-Site Request Forgery CSRF vulnerability in John Weissberg Print Science Designer print-science-designer allows Stored XSS.This issue affects Print Science Designer: from n/a through = 1.3.155...

7.1CVSS0.00127EPSS
Exploits0References1
CVE
CVE
added 2025/04/24 4:8 p.m.49 views

CVE-2025-46465

CVE-2025-46465 : A CSRF flaw in WordPress Print Science Designer (versions up to and including 1.3.155) can lead to stored XSS. Affected product: Print Science Designer plugin; root cause is CSRF that enables injecting stored scripts. Public details in the CVE entry identify the vulnerability typ...

7.1CVSS7.2AI score0.00127EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/04/22 12:0 a.m.5 views

MimeTeX 安全漏洞

MimeTeX is an image converter from the individual developer John Forkosh. A security vulnerability exists in versions prior to MimeTeX v1.77, which stems from specially crafted scripts that lead to the execution of arbitrary code...

9.8CVSS6.7AI score0.00611EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/04/13 9:8 a.m.14 views

CVE-2025-32671

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in John Weissberg Print Science Designer print-science-designer allows Path Traversal.This issue affects Print Science Designer: from n/a through = 1.3.155...

7.5CVSS7.2AI score0.00655EPSS
Exploits0References1
NVD
NVD
added 2025/04/11 9:15 a.m.11 views

CVE-2025-32671

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in John Weissberg Print Science Designer print-science-designer allows Path Traversal.This issue affects Print Science Designer: from n/a through = 1.3.155...

7.5CVSS0.00655EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/04/11 8:43 a.m.23 views

CVE-2025-32671 WordPress Print Science Designer plugin <= 1.3.155 - Arbitrary File Download vulnerability

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in John Weissberg Print Science Designer print-science-designer allows Path Traversal.This issue affects Print Science Designer: from n/a through = 1.3.155...

7.5CVSS0.00655EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/04/11 12:0 a.m.10 views

PT-2025-16096 · Unknown · John Weissberg Print Science Designer

Name of the Vulnerable Software and Affected Versions: John Weissberg Print Science Designer versions 1.3.155 and earlier Description: The issue is related to an improper limitation of a pathname to a restricted directory, also known as 'Path Traversal'. This allows for Path Traversal, which can...

7.5CVSS7.8AI score0.00655EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2025/04/04 3:58 p.m.7 views

CVE-2025-32166 WordPress Emma for WordPress plugin <= 1.3.3 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in John Housholder Emma for WordPress allows Stored XSS. This issue affects Emma for WordPress: from n/a through 1.3.3...

6.5CVSS6.5AI score0.00367EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/03/29 4:19 p.m.17 views

CVE-2025-26909

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in John Darrel Hide My WP Ghost hide-my-wp allows PHP Local File Inclusion.This issue affects Hide My WP Ghost: from n/a through = 5.4.01...

9.8CVSS7.4AI score0.0067EPSS
Exploits1References1
NVD
NVD
added 2025/03/27 4:15 p.m.19 views

CVE-2025-26909

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in John Darrel Hide My WP Ghost hide-my-wp allows PHP Local File Inclusion.This issue affects Hide My WP Ghost: from n/a through = 5.4.01...

9.8CVSS0.0067EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/01/08 12:0 a.m.7 views

CPDF 安全漏洞

CPDF is a PDF command line tool from the individual developer John Whitington. A security vulnerability exists in CPDF 2.8 and earlier versions, which stems from allowing the use of a stack through a carefully crafted PDF document...

4CVSS6.7AI score0.00196EPSS
Exploits0References2
CVE
CVE
added 2024/12/16 2:32 p.m.46 views

CVE-2024-56015

CVE-2024-56015 concerns a CSRF vulnerability in the Tidy Up WordPress plugin by John Godley that enables a reflected XSS. Public details in the connected Red Hat entry describe the issue as a CSRF vulnerability that allows reflected XSS, affecting versions from unknown public release up to 1.3. T...

7.1CVSS8.6AI score0.00184EPSS
Exploits0References1
Krebs on Security
Krebs on Security
added 2024/11/05 5:10 p.m.10 views

Canadian Man Arrested in Snowflake Data Extortions

A 25-year-old man in Ontario, Canada has been arrested for allegedly stealing data from and extorting more than 160 companies that used the cloud data service Snowflake. Image: https://www.pomerium.com/blog/the-real-lessons-from-the-snowflake-breach On October 30, Canadian authorities arrested...

6.9AI score
Exploits0
Packet Storm
Packet Storm
added 2024/08/31 12:0 a.m.230 views

Microsoft SQL Server NTLM Stealer

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Microsoft SQL Server NTLM Stealer', 'Description' = %q This module can be used to help capture or relay the LM/NTLM credentials of the account...

7.4AI score
Exploits0
Patchstack
Patchstack
added 2024/08/16 12:11 p.m.5 views

WordPress Login As Users plugin <= 1.4.2 - Broken Authentication vulnerability

Broken Authentication vulnerability discovered by John Blackbourn Patchstack Alliance in WordPress Plugin Login As Users versions = 1.4.2...

9.8CVSS7AI score0.00473EPSS
Exploits0Affected Software1
Rows per page
Query Builder