Lucene search
+L

63 matches found

NVD
NVD
added 2026/06/27 2:16 a.m.13 views

CVE-2026-11356

The Ivory Search – WordPress Search Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'menutitle' and 'menumagnifiercolor' Settings in all versions up to, and including, 5.5.15 due to insufficient input sanitization and output escaping. This makes it possible for...

4.4CVSS0.00251EPSS
Exploits0References10
EUVD
EUVD
added 2026/06/27 1:27 a.m.15 views

EUVD-2026-39931

The Ivory Search – WordPress Search Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'menutitle' and 'menumagnifiercolor' Settings in all versions up to, and including, 5.5.15 due to insufficient input sanitization and output escaping. This makes it possible for...

4.4CVSS5.9AI score0.00251EPSS
Exploits0References10
ATTACKERKB
ATTACKERKB
added 2026/06/27 1:27 a.m.10 views

CVE-2026-11356

The Ivory Search – WordPress Search Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'menutitle' and 'menumagnifiercolor' Settings in all versions up to, and including, 5.5.15 due to insufficient input sanitization and output escaping. This makes it possible for...

4.4CVSS5.9AI score0.00251EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added 2026/06/27 12:0 a.m.25 views

PT-2026-53038

Name of the Vulnerable Software and Affected Versions Ivory Search – WordPress Search Plugin versions prior to 5.5.16 Description Insufficient input sanitization and output escaping allow authenticated attackers with administrator-level access and above to perform Stored Cross-Site Scripting XSS...

4.4CVSS6AI score0.00251EPSS
Exploits0References14
Microsoft KB
Microsoft KB
added 2026/06/23 12:0 a.m.22 views

June 23, 2026—KB5095091 (OS Build 28000.2340) Preview

None None...

6.1AI score
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-16025

Malware in sbrugna...

4.6CVSS6.7AI score0.00345EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2022-49513

Malicious code in bioql PyPI...

2.4CVSS4.3AI score0.00235EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-45639

Malicious code in bioql PyPI...

6.5CVSS8.7AI score0.00374EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 8:4 a.m.6 views

CVE-2024-51840

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in rezaul Wd-image-magnifier-xoss wd-image-magnifier-xoss allows DOM-Based XSS.This issue affects Wd-image-magnifier-xoss: from n/a through = 1.0...

6.5CVSS7.2AI score0.00374EPSS
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/02/03 8:44 a.m.4 views

Malicious code in cs-magnifier (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d412de7658e93719fd412b6f30d39270ed6190482deb65c00aaf002f96fe7e2a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSV
OSV
added 2025/02/03 8:44 a.m.3 views

MAL-2025-1087 Malicious code in cs-magnifier (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d412de7658e93719fd412b6f30d39270ed6190482deb65c00aaf002f96fe7e2a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
NVD
NVD
added 2024/11/19 5:15 p.m.7 views

CVE-2024-51840

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in rezaul Wd-image-magnifier-xoss wd-image-magnifier-xoss allows DOM-Based XSS.This issue affects Wd-image-magnifier-xoss: from n/a through = 1.0...

6.5CVSS0.00374EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/11/19 4:31 p.m.20 views

CVE-2024-51840 WordPress Wd-image-magnifier-xoss plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in rezaul Wd-image-magnifier-xoss wd-image-magnifier-xoss allows DOM-Based XSS.This issue affects Wd-image-magnifier-xoss: from n/a through = 1.0...

6.5CVSS0.00374EPSS
Exploits0References1
CVE
CVE
added 2024/11/19 4:31 p.m.44 views

CVE-2024-51840

CVE-2024-51840 is a DOM-based XSS in the WordPress plugin Wd-image-magnifier-xoss by Rezaul Haque, affecting versions “from n/a through 1.0.” The description cites “Improper Neutralization of Input During Web Page Generation,” indicating that unsafe input handling in page rendering enables cross-...

6.5CVSS7.2AI score0.00374EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/11/19 4:31 p.m.6 views

CVE-2024-51840 WordPress Wd-image-magnifier-xoss plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Rezaul haque Wd-image-magnifier-xoss allows DOM-Based XSS.This issue affects Wd-image-magnifier-xoss: from n/a through 1.0...

6.5CVSS6.9AI score0.00374EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/11/19 12:0 a.m.3 views

WordPress plugin Wd-image-magnifier-xoss 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

6.5CVSS7.7AI score0.00374EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/11/08 1:48 p.m.5 views

WordPress Wd-image-magnifier-xoss plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin Wd-image-magnifier-xoss versions = 1.0...

6.5CVSS6.1AI score0.00374EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/11/08 12:0 a.m.10 views

WordPress Wd-image-magnifier-xoss Plugin <= 1.0 is vulnerable to Cross Site Scripting (XSS)

Software Wd-image-magnifier-xoss Type Plugin Vulnerable versions = 1.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-51840 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID c2adb78229c9 Credits SOPROBRO Required privilege...

6.5CVSS6.9AI score0.00374EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2024/06/18 11:5 a.m.32 views

SUSE-SU-2024:1499-2 Security update for java-17-openjdk

This update for java-17-openjdk fixes the following issues: - CVE-2024-21011: Fixed denial of service due to long Exception message logging JDK-8319851,bsc1222979 - CVE-2024-21012: Fixed unauthorized data modification due HTTP/2 client improper reverse DNS lookup JDK-8315708,bsc1222987 -...

3.7CVSS5.8AI score0.01361EPSS
Exploits0References10
BDU FSTEC
BDU FSTEC
added 2024/06/03 12:0 a.m.5 views

The vulnerability of the `BaproductzoommagnifierZoomModuleFrontController::run()` method in the Best Zoom Magnifier Effect module – BAZoom Magnifier, a open-source e-commerce web application for PrestaShop. This vulnerability allows an attacker to elevate their privileges and gain access to read, modify, or delete data.

The vulnerability of the BaproductzoommagnifierZoomModuleFrontController::run method in the Best Zoom Magnifier Effect – BAZoom Magnifier web application for e-commerce with open-source PrestaShop is related to the lack of protective measures for the SQL query structure. Exploiting this...

10CVSS7.8AI score0.00748EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder