Lucene search

47 matches found

EUVD
added 2025/10/03 8:7 p.m. · 3 views

EUVD-2022-6406

Malicious code in bioql PyPI...

CVSS 4.3 · AI score 4.8 · EPSS 0.00361
Exploits 0 · References 3
EUVD
added 2025/10/03 8:7 p.m. · 2 views

EUVD-2025-23426

Malicious code in bioql PyPI...

CVSS 8.8 · AI score 6.4 · EPSS 0.00393
Exploits 0 · References 6
EUVD
added 2025/10/03 8:7 p.m. · 2 views

EUVD-2022-0602

Malicious code in bioql PyPI...

CVSS 5.5 · AI score 5.5 · EPSS 0.00016
Exploits 0 · References 5
NVD
added 2025/08/02 8:15 a.m. · 2 views

CVE-2025-6754

The SEO Metrics plugin for WordPress is vulnerable to Privilege Escalation due to missing authorization checks in both the seo_metrics_handle_connect_button_click AJAX handler and the seo_metrics_handle_custom_endpoint function in all versions up to, and including, 1.0.15. Because the AJAX action only...

CVSS 8.8 · EPSS 0.00393
Exploits 0 · References 7
Cvelist
added 2025/08/02 7:24 a.m. · 6 views

CVE-2025-6754 SEO Metrics <= 1.0.15 - Missing Authorization to Authenticated (Subscriber+) Privilege Escalation

The SEO Metrics plugin for WordPress is vulnerable to Privilege Escalation due to missing authorization checks in both the seo_metrics_handle_connect_button_click AJAX handler and the seo_metrics_handle_custom_endpoint function in all versions up to, and including, 1.0.15. Because the AJAX action only...

CVSS 8.8 · EPSS 0.00393
Exploits 0 · References 7
Positive Technologies
added 2025/08/02 12:0 a.m. · 3 views

PT-2025-31725 · WordPress · Seo Metrics

Name of the Vulnerable Software and Affected Versions: SEO Metrics versions 1.0.5 through 1.0.15
Description: The SEO Metrics plugin for WordPress is susceptible to privilege escalation due to insufficient authorization checks. Specifically, the seo metrics handle connect button click AJAX handle...

CVSS 8.8 · AI score 6.7 · EPSS 0.00393
Exploits 0 · References 12
CNNVD
added 2025/08/02 12:0 a.m. · 1 views

WordPress plugin SEO Metrics security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability...

CVSS 8.8 · AI score 6.4 · EPSS 0.00393
Exploits 0 · References 7
RedhatCVE
added 2025/05/23 4:38 a.m. · 2 views

CVE-2023-44263

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Riyaz Social Metrics plugin <= 2.2 versions...

CVSS 5.9 · AI score 5.6 · EPSS 0.00063
Exploits 0
RedhatCVE
added 2025/05/22 11:0 p.m. · 11 views

CVE-2022-34785

Jenkins build-metrics Plugin 1.3 and earlier does not perform permission checks in multiple HTTP endpoints, allowing attackers with Overall/Read permission to obtain information about jobs otherwise inaccessible to them...

CVSS 4.3 · AI score 6.3 · EPSS 0.00361
Exploits 0 · References 1
RedhatCVE
added 2025/05/22 11:0 p.m. · 2 views

CVE-2022-34784

Jenkins build-metrics Plugin 1.3 does not escape the build description on one of its views, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Build/Update permission...

CVSS 5.4 · AI score 5.4 · EPSS 0.08631
Exploits 0 · References 1
NVD
added 2023/10/02 10:15 a.m. · 6 views

CVE-2023-44263

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Riyaz Social Metrics plugin <= 2.2 versions...

CVSS 5.9 · AI score 5.4 · EPSS 0.00063
Exploits 0 · References 1
CVE
added 2023/10/02 9:37 a.m. · 40 views

CVE-2023-44263

CVE-2023-44263 affects the WordPress plugin Riyaz Social Metrics (versions <= 2.2). It is a Stored Cross-Site Scripting (XSS) vulnerability that requires admin+ authentication to exploit. The NVD entry lists a base CVSS v3.1 score of 4.8 (Medium), while PatchStack describes the vulnerability w...

CVSS 5.9 · AI score 5.1 · EPSS 0.00063
Exploits 0 · References 1 · Affected Software 1
Prion
added 2023/04/02 9:15 p.m. · 10 views

XXE

Jenkins Visual Studio Code Metrics Plugin 1.7 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks...

CVSS 6.4 · AI score 8.2 · EPSS 0.00361
Exploits 0 · References 1 · Affected Software 1
CVE
added 2023/03/23 11:26 a.m. · 242 views

CVE-2023-28681

CVE-2023-28681 affects Jenkins Visual Studio Code Metrics Plugin 1.7 and earlier. The vulnerability arises because the plugin’s XML parser is not configured to prevent XML external entity (XXE) attacks, which can allow an attacker to cause the Jenkins controller/server-side processing to reveal s...

CVSS 8.2 · AI score 8.2 · EPSS 0.00361
Exploits 0 · References 1 · Affected Software 1
Vulnrichment
added 2023/03/23 11:26 a.m. · 8 views

CVE-2023-28681

Jenkins Visual Studio Code Metrics Plugin 1.7 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks...

AI score 8.3 · EPSS 0.00361
Exploits 0 · References 1
Cvelist
added 2023/03/23 11:26 a.m. · 13 views

CVE-2023-28681

Jenkins Visual Studio Code Metrics Plugin 1.7 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks...

AI score 8.5 · EPSS 0.00361
Exploits 0 · References 1
Positive Technologies
added 2023/03/23 12:0 a.m. · 2 views

PT-2023-21900 · Jenkins · Jenkins Visual Studio Code Metrics Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Visual Studio Code Metrics Plugin versions 1.7 and earlier
Description: The issue is related to the XML parser not being configured to prevent XML external entity (XXE) attacks. This allows attackers who can control VS Code Metrics File...

CVSS 8.2 · AI score 8 · EPSS 0.00361
Exploits 0 · References 7
Github Security Blog
added 2022/07/01 12:1 a.m. · 29 views

Cross site scripting in Jenkins build-metrics Plugin

Jenkins build-metrics Plugin 1.3 does not escape the build description on one of its views, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Build/Update permission...

CVSS 5.4 · AI score 4.9 · EPSS 0.08631
Exploits 0 · References 3 · Affected Software 1
ATTACKERKB
added 2022/06/30 6:15 p.m. · 2 views

CVE-2022-34784

Jenkins build-metrics Plugin 1.3 does not escape the build description on one of its views, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Build/Update permission...

CVSS 5.4 · AI score 5.8 · EPSS 0.08631
Exploits 0 · References 2 · Affected Software 1
Prion
added 2022/06/30 6:15 p.m. · 18 views

Design/Logic Flaw

Jenkins build-metrics Plugin 1.3 and earlier does not perform permission checks in multiple HTTP endpoints, allowing attackers with Overall/Read permission to obtain information about jobs otherwise inaccessible to them...

CVSS 4 · AI score 4.3 · EPSS 0.00361
Exploits 0 · References 1 · Affected Software 1