Lucene search
+L

25 matches found

EUVD
EUVD
added 6 days ago5 views

EUVD-2026-43283

The Breeze Cache WordPress plugin before 2.5.6 is vulnerable to unauthenticated Stored Cross-Site Scripting XSS due to a predictable replacement hash used during the HTML minification process and abusing a regular expression. This allows an attacker to inject arbitrary HTML attributes in the fina...

6.1CVSS6.2AI score0.00149EPSS
Exploits0References2
NVD
NVD
added 6 days ago5 views

CVE-2026-10551

The Breeze Cache WordPress plugin before 2.5.6 is vulnerable to unauthenticated Stored Cross-Site Scripting XSS due to a predictable replacement hash used during the HTML minification process and abusing a regular expression. This allows an attacker to inject arbitrary HTML attributes in the fina...

6.1CVSS0.00149EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 6 days ago5 views

CVE-2026-10551

The Breeze Cache WordPress plugin before 2.5.6 is vulnerable to unauthenticated Stored Cross-Site Scripting XSS due to a predictable replacement hash used during the HTML minification process and abusing a regular expression. This allows an attacker to inject arbitrary HTML attributes in the fina...

6.2AI score0.00149EPSS
Exploits0References1
CVE
CVE
added 2026/06/29 7:37 p.m.18 views

CVE-2026-13593

CVE-2026-13593 affects CSS::Minifier::XS before 0.14 for Perl. The vulnerability is a memory leak in the minify function when processing a document containing only characters to be removed (e.g., comments/whitespace). Impact is a leak during minification of such input; no exploitation details or ...

6.5CVSS5.8AI score0.00238EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/29 12:0 a.m.12 views

PT-2026-53690

Name of the Vulnerable Software and Affected Versions CSS::Minifier::XS versions prior to 0.14 Description The minify function contains a memory leak that occurs when processing a document consisting entirely of characters intended for removal, such as whitespace and comments, resulting in the...

6.5CVSS5.8AI score0.00238EPSS
Exploits0References5
NVD
NVD
added 2026/05/18 7:16 a.m.29 views

CVE-2026-3220

The Autoptimize WordPress plugin before 3.1.15, Clearfy Cache WordPress plugin before 2.4.2, Speed Optimizer WordPress plugin before 7.7.9 are vulnerable to unauthenticated Stored Cross-Site Scripting XSS due to a predictable replacement hash used during the HTML minification process and abusing ...

8.8CVSS0.0032EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/18 6:0 a.m.10 views

CVE-2026-3220 Multiple Plugins - Unauthenticated Stored XSS via Minify Library

The Autoptimize WordPress plugin before 3.1.15, Clearfy Cache WordPress plugin before 2.4.2, Speed Optimizer WordPress plugin before 7.7.9 are vulnerable to unauthenticated Stored Cross-Site Scripting XSS due to a predictable replacement hash used during the HTML minification process and abusing ...

5.9AI score0.0032EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/18 6:0 a.m.11 views

CVE-2026-3220

The Autoptimize WordPress plugin before 3.1.15, Clearfy Cache WordPress plugin before 2.4.2, Speed Optimizer WordPress plugin before 7.7.9 are vulnerable to unauthenticated Stored Cross-Site Scripting XSS due to a predictable replacement hash used during the HTML minification process and abusing ...

8.8CVSS5.9AI score0.0032EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/18 6:0 a.m.13 views

EUVD-2026-30736

The Autoptimize WordPress plugin before 3.1.15, Clearfy Cache WordPress plugin before 2.4.2, Speed Optimizer WordPress plugin before 7.7.9 are vulnerable to unauthenticated Stored Cross-Site Scripting XSS due to a predictable replacement hash used during the HTML minification process and abusing ...

8.8CVSS5.9AI score0.0032EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/18 12:0 a.m.18 views

PT-2026-41636

The Autoptimize WordPress plugin before 3.1.15, Clearfy Cache WordPress plugin before 2.4.2, Speed Optimizer WordPress plugin before 7.7.9 are vulnerable to unauthenticated Stored Cross-Site Scripting XSS due to a predictable replacement hash used during the HTML minification process and abusing ...

5.9AI score0.0032EPSS
Exploits0References2
Fedora
Fedora
added 2026/04/30 1:30 a.m.12 views

[SECURITY] Fedora 42 Update: binaryen-126-1.fc42

Binaryen is a compiler and toolchain infrastructure library for WebAssembly, written in C++. It aims to make compiling to WebAssembly easy, fast, and effective: Easy: Binaryen has a simple C API in a single header, and can also be used from JavaScript. It accepts input in WebAssembly-like form bu...

7.1CVSS5.5AI score0.00188EPSS
Exploits1
Fedora
Fedora
added 2026/04/30 1:21 a.m.10 views

[SECURITY] Fedora 43 Update: binaryen-126-1.fc43

Binaryen is a compiler and toolchain infrastructure library for WebAssembly, written in C++. It aims to make compiling to WebAssembly easy, fast, and effective: Easy: Binaryen has a simple C API in a single header, and can also be used from JavaScript. It accepts input in WebAssembly-like form bu...

7.1CVSS5.5AI score0.00188EPSS
Exploits1
Cvelist
Cvelist
added 2026/03/21 3:26 a.m.36 views

CVE-2026-1392 SR WP Minify HTML <= 2.1 - Cross-Site Request Forgery to Settings Update

The SR WP Minify HTML plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.1. This is due to missing nonce validation on the srminifyhtmltheme function. This makes it possible for unauthenticated attackers to update plugin settings via a forged...

4.3CVSS0.0014EPSS
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/09/21 2:36 p.m.4 views

Malicious code in minification (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4f79ed869c7c386d877f1fc9d9cd294ad5e2a35ec2c35b31f3acd8898b1de81d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
OSV
OSV
added 2024/09/21 2:36 p.m.6 views

MAL-2024-8933 Malicious code in minification (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4f79ed869c7c386d877f1fc9d9cd294ad5e2a35ec2c35b31f3acd8898b1de81d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7.2AI score
Exploits0References1
Fedora
Fedora
added 2022/07/30 2:0 a.m.19 views

[SECURITY] Fedora 36 Update: golang-github-tdewolff-minify-2.11.10-4.fc36

Minify is a minifier package written in Go. It provides HTML5, CSS3, JS, JSON, SVG and XML minifiers and an interface to implement any other minifier. Minification is the process of removing bytes from a file such as whitespace without changing its output and therefore shrinking its size and...

7.3AI score
Exploits0
OpenVAS
OpenVAS
added 2022/07/18 12:0 a.m.21 views

Fedora: Security Advisory for golang-github-tdewolff-minify (FEDORA-2022-3969b64d4b)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.3CVSS8.9AI score0.0995EPSS
Exploits4References2
Ivan 'd0znpp' Novikov
Ivan 'd0znpp' Novikov
added 2021/05/07 3:23 a.m.46 views

What is minification and why is it needed❓ The Advantages Of Minification

This concept might look simple to understand but it requires deep-understanding for one to interact with the concept properly and know what it entails and what it doesn’t. A bunch of developers use minification in website development, in order to have fast and active web. Minification can be...

6.8AI score
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 2:19 p.m.30 views

Security Bulletin: Security vulnerabilities have been identified in IBM Data Science Experience Local - Incorrect Handling of Non-Boolean Comparison During Minification

Summary IBM Data Science Experience Local - Information about security vulnerability concerning the incorrect handling of non-boolean comparison during minification. uglify-js package has been updated to a version with the fix. Vulnerability Details Please consult this advisory for more informati...

9.8CVSS1.1AI score0.03559EPSS
Exploits1Affected Software1
OSV
OSV
added 2017/10/24 6:33 p.m.6 views

GHSA-34R7-Q49F-H37C Incorrect Handling of Non-Boolean Comparisons During Minification in uglify-js

Versions of uglify-js prior to 2.4.24 are affected by a vulnerability which may cause crafted JavaScript to have altered functionality after minification. Recommendation Upgrade UglifyJS to version = 2.4.24...

9.8CVSS7.1AI score0.03559EPSS
Exploits1References8
Rows per page
Query Builder