Lucene search
K

238 matches found

EUVD
EUVD
added 2026/04/27 12:29 p.m.8 views

EUVD-2026-25833

Text::Minify::XS versions from v0.3.0 before v0.7.8 for Perl have a heap overflow when processing some malformed UTF-8 characters. The minify functions mishandled some malformed UTF-8 characters, leading to heap corruption. Note that the minifyutf8 function is an alias for minnify...

7.5CVSS5.4AI score0.00436EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/04/27 12:29 p.m.4 views

CVE-2026-7040 Text::Minify::XS versions from 0.3.0 before 0.7.8 for Perl have heap overflow when processing some malformed UTF-8 characters

Text::Minify::XS versions from 0.3.0 before 0.7.8 for Perl have a heap overflow when processing some malformed UTF-8 characters. The minify functions mishandled some malformed UTF-8 characters, leading to heap corruption. Note that the minifyutf8 function is an alias for minify...

5.9AI score0.00436EPSS
Exploits0References2
CVE
CVE
added 2026/04/27 12:29 p.m.18 views

CVE-2026-7040

CVE-2026-7040 affects Text::Minify::XS for Perl, with versions from v0.3.0 up to, but not including, v0.7.8. The vulnerability is a heap overflow/heap corruption that occurs when processing certain malformed UTF-8 characters, as the minify functions mishandled those inputs. The issue is tied to t...

7.5CVSS5.9AI score0.00436EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/04/27 12:29 p.m.8 views

CVE-2026-7040

Text::Minify::XS versions from 0.3.0 before 0.7.8 for Perl have a heap overflow when processing some malformed UTF-8 characters. The minify functions mishandled some malformed UTF-8 characters, leading to heap corruption. Note that the minifyutf8 function is an alias for minify...

7.5CVSS5.9AI score0.00436EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/27 12:0 a.m.6 views

PT-2026-35416

Name of the Vulnerable Software and Affected Versions Text::Minify::XS versions 0.3.0 through 0.7.7 Description A heap overflow occurs when processing certain malformed UTF-8 characters. The minify function and its alias minify utf8 mishandle these characters, which leads to heap corruption...

7.5CVSS5.9AI score0.00436EPSS
Exploits0References9
CNNVD
CNNVD
added 2026/04/27 12:0 a.m.9 views

Text::Minify::XS 安全漏洞

Text::Minify::XS is a text compression tool developed by Robert Rothenberg, designed to quickly remove excess whitespace from multi-line texts. Versions of Text::Minify::XS from v0.3.0 to v0.7.8 contained security vulnerabilities. These vulnerabilities were caused by a stack overflow vulnerabilit...

7.5CVSS5.9AI score0.00436EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/04/01 5:3 p.m.5 views

CVE-2026-3191

The Minify HTML plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.1.12. This is due to missing or incorrect nonce validation on the 'minifyhtmlmenuoptions' function. This makes it possible for unauthenticated attackers to update plugin settin...

5.4CVSS5.8AI score0.00154EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/03/31 11:59 p.m.5 views

WordPress Minify HTML plugin <= 2.1.12 - Cross-Site Request Forgery to Plugin Settings Update vulnerability

Cross-Site Request Forgery to Plugin Settings Update vulnerability discovered by Osvaldo Noe Gonzalez Del Rio Os - krei.dev | ogbuilders.io in WordPress Plugin Minify HTML versions = 2.1.12...

5.4CVSS5.9AI score0.00154EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2026/03/31 12:31 p.m.3 views

EUVD-2026-17367

The Minify HTML plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.1.12. This is due to missing or incorrect nonce validation on the 'minifyhtmlmenuoptions' function. This makes it possible for unauthenticated attackers to update plugin settin...

5.4CVSS5.8AI score0.00154EPSS
Exploits0References4
NVD
NVD
added 2026/03/31 12:16 p.m.4 views

CVE-2026-3191

The Minify HTML plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.1.12. This is due to missing or incorrect nonce validation on the 'minifyhtmlmenuoptions' function. This makes it possible for unauthenticated attackers to update plugin settin...

5.4CVSS0.00154EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/03/31 11:18 a.m.1 views

CVE-2026-3191 Minify HTML <= 2.1.12 - Cross-Site Request Forgery to Plugin Settings Update

The Minify HTML plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.1.12. This is due to missing or incorrect nonce validation on the 'minifyhtmlmenuoptions' function. This makes it possible for unauthenticated attackers to update plugin settin...

5.4CVSS5.8AI score0.00154EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/03/31 11:18 a.m.28 views

CVE-2026-3191 Minify HTML <= 2.1.12 - Cross-Site Request Forgery to Plugin Settings Update

The Minify HTML plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.1.12. This is due to missing or incorrect nonce validation on the 'minifyhtmlmenuoptions' function. This makes it possible for unauthenticated attackers to update plugin settin...

5.4CVSS0.00154EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/03/31 11:18 a.m.1 views

CVE-2026-3191

The Minify HTML plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.1.12. This is due to missing or incorrect nonce validation on the 'minifyhtmlmenuoptions' function. This makes it possible for unauthenticated attackers to update plugin settin...

5.4CVSS5.8AI score0.00154EPSS
Exploits0References4
CVE
CVE
added 2026/03/31 11:18 a.m.11 views

CVE-2026-3191

The CVE-2026-3191 entry describes a CSRF vulnerability in the WordPress Minify HTML plugin up to version 2.1.12, caused by missing or incorrect nonce validation in minify_html_menu_options. This allows unauthenticated attackers to update plugin settings via forged requests if a site administrator...

5.4CVSS5.8AI score0.00154EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/03/31 12:0 a.m.9 views

PT-2026-29225

The Minify HTML plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.1.12. This is due to missing or incorrect nonce validation on the 'minify html menu options' function. This makes it possible for unauthenticated attackers to update plugin...

5.4CVSS5.8AI score0.00154EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/03/31 12:0 a.m.8 views

WordPress plugin Minify HTML 跨站请求伪造漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

5.4CVSS5.7AI score0.00154EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/03/26 3:10 p.m.3 views

CVE-2026-1392

The SR WP Minify HTML plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.1. This is due to missing nonce validation on the srminifyhtmltheme function. This makes it possible for unauthenticated attackers to update plugin settings via a forged...

4.3CVSS5.7AI score0.0014EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/03/23 7:25 p.m.6 views

WordPress SR WP Minify HTML plugin <= 2.1 - Cross-Site Request Forgery to Settings Update vulnerability

Cross-Site Request Forgery to Settings Update vulnerability discovered by Muhammad Nur Ibnu Hubab Ibnu - Pondok Teknologi in WordPress Plugin SR WP Minify HTML versions = 2.1...

4.3CVSS5.8AI score0.0014EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2026/03/21 6:30 a.m.5 views

EUVD-2026-14191

The SR WP Minify HTML plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.1. This is due to missing nonce validation on the srminifyhtmltheme function. This makes it possible for unauthenticated attackers to update plugin settings via a forged...

4.3CVSS5.7AI score0.0014EPSS
Exploits0References4
NVD
NVD
added 2026/03/21 4:16 a.m.4 views

CVE-2026-1392

The SR WP Minify HTML plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.1. This is due to missing nonce validation on the srminifyhtmltheme function. This makes it possible for unauthenticated attackers to update plugin settings via a forged...

4.3CVSS0.0014EPSS
Exploits0References3
Rows per page
Query Builder