Lucene search
K

204 matches found

Patchstack
Patchstack
added 2026/03/27 11:37 a.m.6 views

WordPress DSGVO snippet for Leaflet Map and its Extensions plugin <= 3.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'unset' Attribute vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via 'unset' Attribute vulnerability discovered by zaim in WordPress Plugin DSGVO snippet for Leaflet Map and its Extensions versions = 3.1...

6.4CVSS5.9AI score0.00235EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2026/03/27 4:59 a.m.2 views

CVE-2026-4389

The DSGVO snippet for Leaflet Map and its Extensions plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the leafext-cookie-time and leafext-delete-cookie shortcodes in all versions up to, and including, 3.1. This is due to insufficient input sanitization and output escaping on...

6.4CVSS6AI score0.00235EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/26 6:30 a.m.3 views

EUVD-2026-16106

The DSGVO snippet for Leaflet Map and its Extensions plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the leafext-cookie-time and leafext-delete-cookie shortcodes in all versions up to, and including, 3.1. This is due to insufficient input sanitization and output escaping on...

6.4CVSS6AI score0.00235EPSS
Exploits0References6
NVD
NVD
added 2026/03/26 5:16 a.m.2 views

CVE-2026-4389

The DSGVO snippet for Leaflet Map and its Extensions plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the leafext-cookie-time and leafext-delete-cookie shortcodes in all versions up to, and including, 3.1. This is due to insufficient input sanitization and output escaping on...

6.4CVSS0.00235EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/03/26 4:28 a.m.36 views

CVE-2026-4389 DSGVO snippet for Leaflet Map and its Extensions <= 3.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'unset' Attribute

The DSGVO snippet for Leaflet Map and its Extensions plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the leafext-cookie-time and leafext-delete-cookie shortcodes in all versions up to, and including, 3.1. This is due to insufficient input sanitization and output escaping on...

6.4CVSS0.00235EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/03/26 4:28 a.m.1 views

CVE-2026-4389 DSGVO snippet for Leaflet Map and its Extensions <= 3.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'unset' Attribute

The DSGVO snippet for Leaflet Map and its Extensions plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the leafext-cookie-time and leafext-delete-cookie shortcodes in all versions up to, and including, 3.1. This is due to insufficient input sanitization and output escaping on...

6.4CVSS6AI score0.00235EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/03/26 4:28 a.m.3 views

CVE-2026-4389

The DSGVO snippet for Leaflet Map and its Extensions plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the leafext-cookie-time and leafext-delete-cookie shortcodes in all versions up to, and including, 3.1. This is due to insufficient input sanitization and output escaping on...

6.4CVSS6AI score0.00235EPSS
Exploits0References6
CVE
CVE
added 2026/03/26 4:28 a.m.11 views

CVE-2026-4389

The CVE-2026-4389 entry concerns the DSGVO snippet for the Leaflet Map and its Extensions WordPress plugin. Affected: Leaflet Map and Extensions, all versions up to 3.1. Issue: Stored Cross-Site Scripting via the leafext-cookie-time and leafext-delete-cookie shortcodes due to insufficient input s...

6.4CVSS6AI score0.00235EPSS
Exploits0References5
OSV
OSV
added 2026/03/26 12:33 a.m.6 views

MAL-2026-2215 Malicious code in react-leaflet-marker-layer (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7b37a04b363c4392e401d85320c748dab98c13ff46c74624f21aaa70091b8ae6 The package react-leaflet-marker-layer was found to contain malicious code. Source: google-open-source-security...

5.9AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/26 12:33 a.m.7 views

Malicious code in react-leaflet-marker-layer (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7b37a04b363c4392e401d85320c748dab98c13ff46c74624f21aaa70091b8ae6 The package react-leaflet-marker-layer was found to contain malicious code. Source: google-open-source-security...

5.9AI score
Exploits0References3
CNNVD
CNNVD
added 2026/03/26 12:0 a.m.10 views

WordPress plugin DSGVO snippet for Leaflet Map and its Extensions 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...

6.4CVSS5.6AI score0.00235EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/03/26 12:0 a.m.5 views

PT-2026-28206

The DSGVO snippet for Leaflet Map and its Extensions plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the leafext-cookie-time and leafext-delete-cookie shortcodes in all versions up to, and including, 3.1. This is due to insufficient input sanitization and output escaping on...

6.4CVSS6AI score0.00235EPSS
Exploits0References6
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/22 5:54 p.m.8 views

Malicious code in react-leaflet-heatmap-layer (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2352243757a42dafc23c429819f6693b8f9a56799589414bbb527f35b1f7ed35 The package react-leaflet-heatmap-layer was found to contain malicious code. Source: ghsa-malware...

5.8AI score
Exploits0References4
OSV
OSV
added 2026/03/22 5:54 p.m.6 views

MAL-2026-2072 Malicious code in react-leaflet-heatmap-layer (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2352243757a42dafc23c429819f6693b8f9a56799589414bbb527f35b1f7ed35 The package react-leaflet-heatmap-layer was found to contain malicious code. Source: ghsa-malware...

5.8AI score
Exploits0References4
OSV
OSV
added 2026/03/22 5:54 p.m.3 views

MAL-2026-2071 Malicious code in react-leaflet-cluster-layer (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b0518fae392cbcd2e3f43b08af24b6736a313bcc053d67bfece2c36c7e609373 The package react-leaflet-cluster-layer was found to contain malicious code. Source: ghsa-malware...

5.8AI score
Exploits0References4
Snyk
Snyk
added 2026/03/19 11:0 p.m.9 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. The publishing pipeline of this package was compromised as the result of Trivy's GitHub Actions compromise and a malicious versions were released on NPM. They contain malicious code, and its content was NOT yet...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
added 2026/03/19 11:0 p.m.5 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. The publishing pipeline of this package was compromised as the result of Trivy's GitHub Actions compromise and a malicious versions were released on NPM. They contain malicious code, and its content was NOT yet...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
added 2026/02/24 7:56 p.m.6 views

Cross-site Scripting (XSS)

Overview nicegui is a Create web-based user interfaces with Python. The nice way. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the runmethod function. An attacker can execute arbitrary JavaScript in the victim's browser by supplying crafted input as a method...

6.1CVSS5.9AI score0.00163EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/01/09 8:57 a.m.15 views

CVE-2023-31074

Unauth. Reflected Cross-Site Scripting XSS vulnerability in hupe13 Extensions for Leaflet Map plugin = 3.4.1 versions...

7.1CVSS5.9AI score0.00379EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/11/23 7:1 p.m.8 views

WordPress Extensions for Leaflet Map plugin <= 4.8 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by zaim in WordPress Plugin Extensions for Leaflet Map versions = 4.8...

6.5CVSS6.1AI score0.00132EPSS
Exploits0Affected Software1
Rows per page
Query Builder