Lucene search
K

297 matches found

OSV
OSV
added 2025/08/27 7:44 a.m.2 views

MAL-2025-42125 Malicious code in @liquid-web/core-services (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2f9afbcbd82f8b0c7374b5e9edb81329aa506296ef39a5a63d70d59af7591e74 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.3 views

Malicious code in prettier-plugin-liquid (npm)

The package prettier-plugin-liquid was found to contain malicious code...

7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.6 views

Malicious code in slate-liquid-asset-loader (npm)

The package slate-liquid-asset-loader was found to contain malicious code...

7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.2 views

Malicious code in liquid-c (npm)

The package liquid-c was found to contain malicious code...

7AI score
Exploits0
OSV
OSV
added 2025/08/14 6:52 p.m.2 views

MAL-2025-25427 Malicious code in liquid-c (npm)

The package liquid-c was found to contain malicious code...

7.2AI score
Exploits0
OSV
OSV
added 2025/08/14 6:52 p.m.2 views

MAL-2025-29625 Malicious code in prettier-plugin-liquid (npm)

The package prettier-plugin-liquid was found to contain malicious code...

7.2AI score
Exploits0
OSV
OSV
added 2025/08/14 6:52 p.m.4 views

MAL-2025-33406 Malicious code in slate-liquid-asset-loader (npm)

The package slate-liquid-asset-loader was found to contain malicious code...

7.2AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/08/14 7:28 a.m.3 views

CVE-2025-47444

Missing Authorization vulnerability in Damian Góra FiboSearch ajax-search-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects FiboSearch: from n/a through = 1.32.1...

7.5CVSS5.9AI score0.00238EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/08/12 6:37 a.m.11 views

CVE-2025-47444 WordPress FiboSearch plugin <= 1.32.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in Damian Góra FiboSearch ajax-search-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects FiboSearch: from n/a through = 1.32.1...

5.3CVSS0.00238EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/08/12 6:37 a.m.4 views

CVE-2025-47444 WordPress FiboSearch plugin <= 1.32.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in Damian Góra FiboSearch ajax-search-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects FiboSearch: from n/a through = 1.32.1...

5.3CVSS5.1AI score0.00238EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/07/30 9:49 p.m.9 views

WordPress GiveWP – Donation Plugin and Fundraising Platform plugin <= 4.5.0 - Authenticated (GiveWP worker+) Stored Cross-Site Scripting vulnerability

Authenticated GiveWP worker+ Stored Cross-Site Scripting vulnerability discovered by Brian Sans-Souci liardom in WordPress Plugin GiveWP versions = 4.5.0...

5.4CVSS5.4AI score0.00199EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/06/19 8:4 a.m.6 views

WordPress GiveWP – Donation Plugin and Fundraising Platform plugin <= 4.3.0 - Missing Authorization To Authenticated (Contributor+) Campaign Data View And Modification vulnerability

Missing Authorization To Authenticated Contributor+ Campaign Data View And Modification vulnerability discovered by Brian Sans-Souci liardom in WordPress Plugin GiveWP versions = 4.3.0...

5.4CVSS6.7AI score0.00259EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/06/11 1:42 a.m.16 views

WordPress The Events Calendar plugin <= 6.13.2 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ DOM-Based Stored Cross-Site Scripting vulnerability discovered by Asaf Mozes in WordPress Plugin The Events Calendar versions = 6.13.2...

6.4CVSS5.5AI score0.00218EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/23 10:42 a.m.7 views

CVE-2024-52357

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in lqd LIQUID BLOCKS liquid-blocks allows Stored XSS.This issue affects LIQUID BLOCKS: from n/a through = 1.2.0...

6.5CVSS7.2AI score0.00235EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:34 a.m.7 views

CVE-2023-27889

Cross-site request forgery CSRF vulnerability in LIQUID SPEECH BALLOON versions prior to 1.2 allows a remote unauthenticated attacker to hijack the authentication of a user and to perform unintended operations by having a user view a malicious page...

8.8CVSS7.3AI score0.00457EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:14 a.m.9 views

CVE-2023-23672

Missing Authorization vulnerability in Liquid Web / StellarWP GiveWP.This issue affects GiveWP: from n/a through 2.25.1...

5.4CVSS6.9AI score0.00395EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:18 a.m.6 views

CVE-2019-17070

The liquid-speech-balloon aka LIQUID SPEECH BALLOON plugin before 1.0.7 for WordPress allows XSS with Internet Explorer...

6.1CVSS6.2AI score0.00941EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/05/19 4:28 p.m.6 views

WordPress The Events Calendar plugin <= 6.11.2.1 - Broken Access Control Vulnerability

Broken Access Control Vulnerability discovered by domiee13 in WordPress Plugin The Events Calendar versions = 6.11.2.1...

5.4CVSS6.7AI score0.00332EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/05/19 2:58 a.m.8 views

WordPress The Events Calendar plugin < 6.6.4 - Admin+ Stored XSS vulnerability

Admin+ Stored XSS vulnerability discovered by Dmitrii Ignatyev in WordPress Plugin The Events Calendar versions 6.6.4...

4.8CVSS6AI score0.0032EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2025/02/27 12:0 a.m.7 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the use of a non-threaded IRQ to handle LCD DMA, which could lead to scheduling issues...

5.5CVSS6.4AI score0.00181EPSS
Exploits0References7
Rows per page
Query Builder