CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

toggle-array is a js library by the individual developer Jon Schlinkert. A security vulnerability exists in toggle-array 1.0.1 and earlier versions, which stems from prototype contamination in the enable and disable functions, which could lead to a denial of service attack...

7.5CVSS6.3AI score0.00145EPSS

Exploits0References2

NVD•added 2024/12/02 2:15 p.m.•6 views

CVE-2024-52453

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in photonicgnostic Library Bookshelves library-bookshelves allows Reflected XSS.This issue affects Library Bookshelves: from n/a through = 5.8...

7.1CVSS0.00197EPSS

Exploits0References1

CVE•added 2024/12/02 1:49 p.m.•39 views

CVE-2024-52453

CVE-2024-52453 affects WordPress plugin Library Bookshelves (versions n/a through 5.8). The issue is a Reflected XSS due to improper input neutralization during web page generation. Impact per sources: potential for script execution in the context of the user. Remediation: upgrade to a version la...

7.1CVSS7.2AI score0.00197EPSS

Exploits0References1

NVD•added 2024/11/19 5:15 p.m.•4 views

CVE-2024-51838

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in smajda Pull This pull-this allows DOM-Based XSS.This issue affects Pull This: from n/a through = 1.1...

6.5CVSS0.00295EPSS

Exploits0References1

Vulnrichment•added 2024/11/19 4:31 p.m.•14 views

CVE-2024-51838 WordPress Pull This plugin <= 1.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Jon Smajda Pull This allows DOM-Based XSS.This issue affects Pull This: from n/a through 1.1...

6.5CVSS6.9AI score0.00295EPSS

Exploits0References1

Cvelist•added 2024/11/19 4:31 p.m.•16 views

CVE-2024-51838 WordPress Pull This plugin <= 1.1 - Cross Site Scripting (XSS) vulnerability

6.5CVSS0.00295EPSS

Exploits0References1

Vulnrichment•added 2024/10/18 9:42 a.m.•11 views

CVE-2024-49243 WordPress Dynamic Elementor Addons plugin <= 1.0.0 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ramjon27 Dynamic Elementor Addons dynamic-elementor-addons allows PHP Local File Inclusion.This issue affects Dynamic Elementor Addons: from n/a through = 1.0.0...

7.5CVSS5.9AI score0.03008EPSS

Exploits0References1

CNNVD•added 2023/06/22 12:0 a.m.•1 views

word-wrap 安全漏洞

word-wrap is a library by Jon Schlinkert, an individual developer in the United States. It is used to wrap words to a specified length. A security vulnerability exists in word-wrap, which stems from the use of an insecure regular expression in the result variable...

7.5CVSS6.4AI score0.00028EPSS

Exploits1References11

NVD•added 2023/05/18 9:15 a.m.•19 views

CVE-2023-30868

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Jon Christopher CMS Tree Page View plugin = 1.6.7 versions...

7.1CVSS6.2AI score0.54053EPSS

Exploits3References2

Cvelist•added 2023/05/18 8:28 a.m.•17 views

CVE-2023-30868 WordPress CMS Tree Page View Plugin <= 1.6.7 is vulnerable to Cross Site Scripting (XSS)

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Jon Christopher CMS Tree Page View plugin = 1.6.7 versions...

7.1CVSS6.4AI score0.54053EPSS

Exploits3References2

CVE•added 2023/05/18 8:28 a.m.•57 views

CVE-2023-30868

CVE-2023-30868 affects the WordPress CMS Tree Page View plugin

7.1CVSS6AI score0.54053EPSS

Exploits3References2Affected Software1

OpenVAS•added 2022/08/26 12:0 a.m.•24 views

Ubuntu: Security Advisory (USN-351-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS6AI score0.30757EPSS

Exploits2References2

Trend Micro Simply Security•added 2022/02/11 12:0 a.m.•22 views

3 cybersecurity trends & mitigation strategies for CISOs

Explore 3 cyber security trends and how to strategically mitigate future risks with Trend Micro’s Jon Clay, VP of threat intelligence and Ed Cabrera, chief cybersecurity officer...

2.8AI score

Exploits0

Talos Blog•added 2021/10/21 11:0 a.m.•13 views

Threat Source newsletter (Oct. 21, 2021)

Newsletter compiled by Jon Munshaw.Good afternoon, Talos readers. We're writing this on Wednesday for PTO reasons, so apologies if we miss any major news that happens after Wednesday afternoon. Above, you can watch our awesome live stream from Monday with Brad Garnett from... This is only the...

2.4AI score

Exploits0

Talos Blog•added 2021/10/14 10:17 a.m.•18 views

Vulnerability Spotlight: Code execution vulnerabilities in Nitro Pro PDF

A Cisco Talos team member discovered these vulnerabilities. Blog by Jon Munshaw. Cisco Talos recently discovered multiple vulnerabilities in the Nitro Pro PDF reader that could allow an attacker to execute code in the context of the application. Nitro Pro PDF is part of Nitro Software’s... This i...

2.2AI score

Exploits0

Talos Blog•added 2021/10/12 7:49 a.m.•11 views

Vulnerability Spotlight: Vulnerabilities in Anker Eufy Homebase could lead to code execution, buffer overflows

Lilith of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. Cisco Talos recently discovered two vulnerabilities in the Anker Eufy Homebase. The Eufy Homebase 2 is the video storage and networking gateway that works with Anker’s Eufy Smarthome ecosystem. All Eufy... This is only the...

1AI score

Exploits0