Lucene search
K

177 matches found

Patchstack
Patchstack
added 2025/12/15 1:30 p.m.5 views

WordPress Multi-Step Checkout for WooCommerce plugin <= 2.33 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by benzdeus in WordPress Plugin Multi-Step Checkout for WooCommerce versions = 2.33...

6.5CVSS6.1AI score0.00167EPSS
Exploits0Affected Software1
NVD
NVD
added 2025/12/09 4:18 p.m.4 views

CVE-2025-67542

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in SilkyPress Multi-Step Checkout for WooCommerce wp-multi-step-checkout allows DOM-Based XSS.This issue affects Multi-Step Checkout for WooCommerce: from n/a through = 2.33...

6.5CVSS0.00167EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/09 2:14 p.m.16 views

CVE-2025-67542 WordPress Multi-Step Checkout for WooCommerce plugin <= 2.33 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in SilkyPress Multi-Step Checkout for WooCommerce wp-multi-step-checkout allows DOM-Based XSS.This issue affects Multi-Step Checkout for WooCommerce: from n/a through = 2.33...

6.5CVSS0.00167EPSS
Exploits0References1
CVE
CVE
added 2025/12/09 2:14 p.m.10 views

CVE-2025-67542

Technical details for CVE-2025-67542 are not provided in the supplied connected documents; no vendor/product/version specifics or remediation are available here. Monitor for updates.

6.5CVSS6AI score0.00167EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/12/09 12:0 a.m.4 views

WordPress plugin Multi-Step Checkout for WooCommerce 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

6.5CVSS6.2AI score0.00167EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/12/09 12:0 a.m.4 views

PT-2025-49918

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in SilkyPress Multi-Step Checkout for WooCommerce wp-multi-step-checkout allows DOM-Based XSS.This issue affects Multi-Step Checkout for WooCommerce: from n/a through = 2.33...

6.5CVSS6.4AI score0.00167EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/11/19 5:21 p.m.4 views

CVE-2025-12761

Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Simple multi step form allows Cross-Site Scripting XSS.This issue affects Simple multi step form: from 0.0.0 before 2.0.0...

3.5CVSS5.8AI score0.00151EPSS
Exploits0References1
EUVD
EUVD
added 2025/11/18 6:32 p.m.4 views

EUVD-2025-198025

Drupal Simple multi step form allows Cross-Site Scripting...

3.5CVSS5.8AI score0.00151EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2025/11/18 6:32 p.m.4 views

Drupal Simple multi step form allows Cross-Site Scripting

Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Simple multi step form allows Cross-Site Scripting XSS.This issue affects Simple multi step form: from 0.0.0 before 2.0.0...

3.5CVSS5.9AI score0.00151EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2025/11/18 5:15 p.m.9 views

CVE-2025-12761

Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Simple multi step form allows Cross-Site Scripting XSS.This issue affects Simple multi step form: from 0.0.0 before 2.0.0...

3.5CVSS0.00151EPSS
Exploits0References1
OSV
OSV
added 2025/11/18 4:56 p.m.5 views

CVE-2025-12761 Simple multi step form - Moderately critical - Cross-site Scripting - SA-CONTRIB-2025-116

Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Simple multi step form allows Cross-Site Scripting XSS.This issue affects Simple multi step form: from 0.0.0 before 2.0.0...

3.5CVSS5.9AI score0.00151EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2025/11/18 4:56 p.m.4 views

CVE-2025-12761 Simple multi step form - Moderately critical - Cross-site Scripting - SA-CONTRIB-2025-116

Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Simple multi step form allows Cross-Site Scripting XSS.This issue affects Simple multi step form: from 0.0.0 before 2.0.0...

5.5AI score0.00151EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/11/18 4:56 p.m.10 views

CVE-2025-12761 Simple multi step form - Moderately critical - Cross-site Scripting - SA-CONTRIB-2025-116

Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Simple multi step form allows Cross-Site Scripting XSS.This issue affects Simple multi step form: from 0.0.0 before 2.0.0...

0.00151EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/11/18 12:0 a.m.3 views

Drupal Simple multi step form 安全漏洞

Drupal Simple multi step form is a form module for the Drupal community. A security vulnerability exists in Drupal Simple multi step form versions prior to 2.0.0, which stems from improper input neutralization during page generation and could lead to a cross-site scripting attack...

3.5CVSS5.8AI score0.00151EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/11/18 12:0 a.m.7 views

PT-2025-47343

Name of the Vulnerable Software and Affected Versions Drupal Simple multi step form versions prior to 2.0.0 Description A flaw exists in Drupal Simple multi step form that allows for Cross-Site Scripting XSS. This issue is due to improper neutralization of input during web page generation. The...

3.5CVSS5.9AI score0.00151EPSS
Exploits0References3
OSV
OSV
added 2025/11/05 6:9 p.m.5 views

DRUPAL-CONTRIB-2025-116

This module provides the ability to convert any entity form into a simple multi-step form. The module doesn’t sufficiently filter certain user-provided text leading to a cross-site scripting XSS vulnerability. This vulnerability is mitigated by the fact that an attacker must have a role with the...

3.5CVSS5.9AI score0.00151EPSS
Exploits0References1
Drupal
Drupal
added 2025/11/05 12:0 a.m.13 views

Simple multi step form - Moderately critical - Cross-site Scripting - SA-CONTRIB-2025-116

This module provides the ability to convert any entity form into a simple multi-step form. The module doesn’t sufficiently filter certain user-provided text leading to a cross-site scripting XSS vulnerability. This vulnerability is mitigated by the fact that an attacker must have a role with the...

3.5CVSS5.3AI score0.00151EPSS
Exploits0References2
CVE
CVE
added 2025/10/24 11:25 a.m.18 views

CVE-2025-10861

CVE-2025-10861: Unauthenticated SSRF in the WordPress plugin “Popup builder with Gamification, Multi-Step Popups, Page-Level Targeting, and WooCommerce Triggers” affecting versions up to and including 2.1.4 due to insufficient URL validation. Exploitation could allow the server to make requests t...

7.5CVSS5.7AI score0.0035EPSS
Exploits0References5
Packet Storm News
Packet Storm News
added 2025/10/15 12:0 a.m.34 views

Toward Cybersecurity-Expert Small Language Models

Large language models LLMs are transforming everyday applications, yet deployment in cybersecurity lags due to a lack of high-quality, domain-specific models and training datasets. To address this gap, we present CyberPal 2.0, a family of cybersecurity-expert small language models SLMs ranging fr...

7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/10/14 12:0 a.m.6 views

HackWorld: Evaluating Computer-Use Agents on Exploiting Web Application Vulnerabilities

Web applications are prime targets for cyberattacks as gateways to critical services and sensitive data. Traditional penetration testing is costly and expertise-intensive, making it difficult to scale with the growing web ecosystem. While language model agents show promise in cybersecurity, moder...

7.5AI score
Exploits0
Rows per page
Query Builder