43 matches found
CVE-2026-8230
creationtimestamp| type| source ---|---|--- 2026-05-10 08:22:30+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mlidefjjkj2r...
CVE-2025-4502
creationtimestamp| type| source ---|---|--- 2025-05-10 14:27:25+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/15896 2025-05-10 14:28:31+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lot5bni5jbr2 2025-05-10...
CVE-2025-47766
creationtimestamp| type| source ---|---|--- 2025-05-10 06:31:52+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3loscyieplq2h 2025-05-10 07:15:56+00:00| seen| https://t.me/cvedetector/24995...
Popup4Phone <= 1.3.2 - Editor+ Stored XSS
Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as Editor to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup 1. Go to "Popup4Phone Settings Form" ...
Popup4Phone <= 1.3.2 - Unauthenticated Stored XSS
Description The plugin does not sanitise and escape some parameters, which could allow unauthenticated users to perform Cross-Site Scripting attacks against admins. Run the following JavaScript in the browser console: fetch"/", "headers": "content-type": "application/x-www-form-urlencoded", ,...
Swift Framework < 2024.0.0 - Contributor+ Stored XSS via Shortcode
Description The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. P...
Popup4Phone <= 1.3.2 - Unauthenticated Stored XSS
Description The plugin does not sanitise and escape some parameters, which could allow unauthenticated users to perform Cross-Site Scripting attacks against admins. PoC Run the following JavaScript in the browser console: fetch"/", "headers": "content-type": "application/x-www-form-urlencoded", ,...
Swift Framework < 2024.0.0 - Contributor+ Stored XSS via Shortcode
Description The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. 1...
bikerentalbarcelona.com Cross Site Scripting vulnerability OBB-3319013
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
relaxfc.com Cross Site Scripting vulnerability OBB-3317635
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
redschoolmenopause.com Cross Site Scripting vulnerability OBB-3317626
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
prolabintefarm.com Cross Site Scripting vulnerability OBB-3316818
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
obizurado.com Cross Site Scripting vulnerability OBB-3316749
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
jujutsu.lv Cross Site Scripting vulnerability OBB-3315373
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
hypnovr.io Cross Site Scripting vulnerability OBB-3314977
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
CVE-2023-28318
creationtimestamp| type| source ---|---|--- 2023-05-10 02:13:53+00:00| seen| https://t.me/cibsecurity/63709...
glitterandtwigs.com Cross Site Scripting vulnerability OBB-3314742
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
CISA Temporarily Removes CVE-2022-26925 from Known Exploited Vulnerability Catalog
CISA is temporarily removing CVE-2022-26925 from its Known Exploited Vulnerability Catalog due to a risk of authentication failures when the May 10, 2022 Microsoft rollup update is applied to domain controllers. After installing May 10, 2022 rollup update on domain controllers, organizations migh...
May 10, 2022—KB5013963 (OS Build 10240.19297) - EXPIRED
May 10, 2022—KB5013963 OS Build 10240.19297 - EXPIRED EXPIRATION NOTICEIMPORTAN T As of 9/12/2023, this KB is no longer available from Windows Update, the Microsoft Update Catalog, or other release channels. We recommend that you update your devices to the latest security quality update. Note: To...
.NET 6.0 Update: May 10, 2022 (KB5014330)
.NET 6.0 Update: May 10, 2022 KB5014330 .NET 6.0 has been refreshed with the latest update as of May 10, 2022. This update contains security and non-security fixes. See the release notes for details on updated packages..NET 6.0 servicing updates are upgrades. The latest servicing update for 6.0...