28 matches found
CVE-2026-46822

| creationtimestamp | type | source |
|---|---|---|
| 2026-05-28 23:35:39+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mmx6rsqhkt2w |
| 2026-05-29 22:37:06+00:00 | seen | https://bsky.app/profile/cyberhub.blog/post/3mmzlxzqqhp2f... |

CVE-2026-44466

| creationtimestamp | type | source |
|---|---|---|
| 2026-05-28 18:02:11+00:00 | seen | https://bsky.app/profile/thehackerwire.bsky.social/post/3mmwm5ilszt2s |
| 2026-05-28 19:35:25+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mmwreavbin2t |
| 2026-06-02 22:07:07+00:00 | seen | ... |

CVE-2026-47761

| creationtimestamp | type | source |
|---|---|---|
| 2026-05-28 17:01:17+00:00 | seen | https://bsky.app/profile/thehackerwire.bsky.social/post/3mmwiqloac22z |
| 2026-05-28 17:05:18+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mmwixsmqhn2i |
| 2026-05-29 00:37:08+00:00 | seen | ... |

CVE-2026-7802

| creationtimestamp | type | source |
|---|---|---|
| 2026-05-28 07:00:40+00:00 | seen | https://bsky.app/profile/thehackerwire.bsky.social/post/3mmvh6mbxne2l |
| 2026-05-28 07:02:44+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mmvhcdq5r42p... |

CVE-2026-5737

| creationtimestamp | type | source |
|---|---|---|
| 2026-05-28 06:54:19+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mmvgtbfpf62h... |

CVE-2026-2374

| creationtimestamp | type | source |
|---|---|---|
| 2026-05-28 06:48:02+00:00 | seen | https://bsky.app/profile/postac001.bsky.social/post/3mmvgi2bzcs2k... |

itour.ru Cross Site Scripting vulnerability OBB-3931380
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
double24.ru Cross Site Scripting vulnerability OBB-3931347
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Gutenberg Blocks by Kadence Blocks < 3.2.37 - Contributor+ Stored XSS
Description: The plugin does not validate and escape some of its block attributes before outputting them back in a page/post where the block is embedded, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. Add a Lottie Animation block to a post a...
Simple Ajax Chat < 20240412 - Admin+ Stored XSS
Description: The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup). This was partially fixed in 0240216 bu...
The Events Calendar < 6.4.0.1 - Reflected XSS
Description The plugin does not properly sanitize user-submitted content when rendering some views via AJAX. PoC...
Gutenberg Blocks by Kadence Blocks < 3.2.37 - Contributor+ Stored XSS
Description: The plugin does not validate and escape some of its block attributes before outputting them back in a page/post where the block is embedded, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. PoC: Add a Lottie Animation block to a po...
The Events Calendar < 6.4.0.1 - Reflected XSS
Description The plugin does not properly sanitize user-submitted content when rendering some views via AJAX. The Events Calendar "...
Simple Ajax Chat < 20240412 - Admin+ Stored XSS
Description: The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup). This was partially fixed in 0240216 bu...
BuddyBoss Platform < 2.6.0 - Insecure Direct Object Reference on Like Comment
Description The plugin contains an IDOR vulnerability that allows a user to like a private post by manipulating the ID included in the request POST /wp-admin/admin-ajax.php HTTP/2 Host: buddyboss.example.com Cookie: REDACTED User-Agent: Mozilla/5.0 Macintosh; Intel Mac OS X 10.15; rv:120.0...
huisartsenvoorhout.nl Cross Site Scripting vulnerability OBB-3366913
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
trendslr.com Cross Site Scripting vulnerability OBB-3366142
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
fingyan.com Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-1176696 Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website...
kaneken.net XSS vulnerability
Open Bug Bounty ID: OBB-623345

| Description | Value |
|---|---|
| Affected Website: | kaneken.net |
| Open Bug Bounty Program: | Create your bounty program now. It's open and free. |
| Vulnerable Application: | Custom Code |
| Vulnerability Type: | XSS Cross Site Scripting / CWE-79 |
| CVSSv3 Score: | 6.1... |

uswx.com XSS vulnerability
Open Bug Bounty ID: OBB-64924

| Description | Value |
|---|---|
| Affected Website: | uswx.com |
| Vulnerable Application: | Custom Code |
| Vulnerability Type: | XSS Cross Site Scripting / CWE-79 |
| CVSSv3 Score: | 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
| Remediation Guide: | OWASP XSS Prevention Cheat Sheet... |