28 matches found
CVE-2025-6608
creationtimestamp| type| source
---|---|---
2025-06-25 14:51:11+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/19448
2025-06-25 16:22:20+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lsgzgpvkyk2a...
CVE-2025-36038
creationtimestamp| type| source
---|---|---
2025-06-25 14:40:06+00:00| seen| https://bsky.app/profile/knaepp.bsky.social/post/3lsgtpvjx5z2f
2025-06-25 15:05:03+00:00| seen| https://bsky.app/profile/knaepp.bsky.social/post/3lsgv4jwtd522
2025-06-25 21:45:07+00:00| seen|...
CVE-2025-6647
creationtimestamp| type| source
---|---|---
2025-06-25 03:00:00+00:00| seen| http://www.zerodayinitiative.com/advisories/ZDI-25-432/
2025-06-25 21:50:18+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/19534
2025-06-26 00:21:54+00:00| seen|...
ripledd.com Cross Site Scripting vulnerability OBB-3938875
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
attoohinfo.co.za Cross Site Scripting vulnerability OBB-3938565
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
WordPress Simply Show Hooks Plugin 1.2.2 is vulnerable to Backdoor
Software: Simply Show Hooks
Type: Plugin
Vulnerable versions: 1.2.2
Fixed in: N/A
OWASP Top 10: A3: Injection
Classification: Backdoor
CVE: CVE-2024-6297
Patch priority: High
CVSS severity: High 10
Developer: Claim ownership
PSID: 601ae6e2c1fb
Credits: WordFence
Required privilege: Unauthenticated
Published: 2...
Sitetweet <= 0.2 - Stored XSS via CSRF
Description: The plugin does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack.
PoC: The PoC will be displayed on June 25, 2024, to give users the time to update...
Rank Math SEO < 1.0.219 - Authenticated Stored XSS
Description: The plugin does not sanitise and escape some of its settings, which could allow users with access to the General Settings (by default admin, however such access can be given to lower roles via the Role Manager feature of the plugin) to perform Stored Cross-Site Scripting attacks even wh...
EazyDocs < 2.5.0 - Admin+ Stored XSS
Description: The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).
The PoC will be displayed on June 25,...
Sitetweet <= 0.2 - Stored XSS via CSRF
Description: The plugin does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack.
The PoC will be displayed on June 25, 2024, to give users the time to update...
EazyDocs < 2.5.0 - Admin+ Stored XSS
Description: The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).
PoC: The PoC will be displayed on June...
maestrilavoro.it Cross Site Scripting vulnerability OBB-3469425
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
metaboosting.com Cross Site Scripting vulnerability OBB-3466979
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
acornp2p.cafe24.com Cross Site Scripting vulnerability OBB-3466877
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
sv-hoern.de Cross Site Scripting vulnerability OBB-2678661
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
cannalize.com.br Cross Site Scripting vulnerability OBB-2677388
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
CVE-2022-30885
creationtimestamp| type| source
---|---|---
2022-06-25 00:31:30+00:00| seen| https://t.me/cibsecurity/45133...
sega.com Cross Site Scripting vulnerability OBB-1205927
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence...
mysoleaddiction.com Cross Site Scripting vulnerability OBB-1205888
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence...
gute-rate.de XSS vulnerability
Vulnerable URL: http://www.gute-rate.de/Fahrzeuge/Suche/
Details:
Description| Value
---|---
Patched:| Yes, at
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| 374430
VIP website status:| No
Check gute-rate.de SSL connection:| Grade: C+
Coordinated Disclosure Timelin...