Lucene search
K

537 matches found

NVD
NVD
added 5 days ago6 views

CVE-2026-15104

The BetterDocs – AI Documentation, Knowledge Base, Docs, Wikis, FAQ with Chatbot plugin for WordPress is vulnerable to generic SQL Injection via the 'lang' parameter in all versions up to, and including, 4.6.0 due to insufficient escaping on the user supplied parameter and lack of sufficient...

6.5CVSS0.0026EPSS
Exploits0References5
EUVD
EUVD
added 5 days ago10 views

EUVD-2026-42840

The BetterDocs – AI Documentation, Knowledge Base, Docs, Wikis, FAQ with Chatbot plugin for WordPress is vulnerable to generic SQL Injection via the 'lang' parameter in all versions up to, and including, 4.6.0 due to insufficient escaping on the user supplied parameter and lack of sufficient...

6.5CVSS6.1AI score0.0026EPSS
Exploits0References5
CVE
CVE
added 5 days ago9 views

CVE-2026-15104

Summary: CVE-2026-15104 affects the WordPress plugin “BetterDocs – AI Documentation, Knowledge Base, Docs, Wikis, FAQ with Chatbot” up to version 4.6.0. The vulnerability is a generic SQL Injection via the ‘lang’ parameter, caused by insufficient escaping of user input and lack of proper preparat...

6.5CVSS6.1AI score0.0026EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 5 days ago6 views

CVE-2026-15104

The BetterDocs – AI Documentation, Knowledge Base, Docs, Wikis, FAQ with Chatbot plugin for WordPress is vulnerable to generic SQL Injection via the 'lang' parameter in all versions up to, and including, 4.6.0 due to insufficient escaping on the user supplied parameter and lack of sufficient...

6.5CVSS6.1AI score0.0026EPSS
Exploits0References6
Cvelist
Cvelist
added 5 days ago30 views

CVE-2026-15104 BetterDocs <= 4.6.0 - Authenticated (Custom+) SQL Injection via 'lang' Parameter

The BetterDocs – AI Documentation, Knowledge Base, Docs, Wikis, FAQ with Chatbot plugin for WordPress is vulnerable to generic SQL Injection via the 'lang' parameter in all versions up to, and including, 4.6.0 due to insufficient escaping on the user supplied parameter and lack of sufficient...

6.5CVSS0.0026EPSS
Exploits0References5
Securelist
Securelist
added 2026/07/01 10:0 a.m.24 views

The SOC Files: ScreenConnect masked as freeware. An inside look at a large-scale campaign

UPD 03.07.2026: added a package of rules and recommendations that help detect the described malicious activity for companies using our Kaspersky SIEM system. Introduction To access compromised systems, threat actors frequently abuse legitimate remote monitoring tools. At first glance, these...

6.1AI score
Exploits0
Vulnrichment
Vulnrichment
added 2026/06/15 8:19 p.m.7 views

CVE-2026-49776 WordPress GPTranslate – Multilingual AI Translation for WordPress: Automatically Translate Websites plugin <= 2.32.6 - SQL Injection vulnerability

Unauthenticated SQL Injection in GPTranslate – Multilingual AI Translation for WordPress: Automatically Translate Websites = 2.32.6 versions...

9.3CVSS5.7AI score0.00289EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/15 8:19 p.m.10 views

EUVD-2026-36896

Unauthenticated SQL Injection in GPTranslate – Multilingual AI Translation for WordPress: Automatically Translate Websites = 2.32.6 versions...

9.3CVSS5.7AI score0.00289EPSS
Exploits0References1
CVE
CVE
added 2026/06/15 8:19 p.m.27 views

CVE-2026-49776

CVE-2026-49776 concerns the WordPress GPTranslate plugin, affected versions

9.3CVSS5.7AI score0.00289EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/06/15 9:30 a.m.11 views

WordPress GPTranslate – Multilingual AI Translation for WordPress: Automatically Translate Websites plugin <= 2.31 - Unauthenticated Stored Cross-Site Scripting vulnerability

Unauthenticated Stored Cross-Site Scripting vulnerability discovered by ? in WordPress Plugin GPTranslate – Multilingual AI Translation for WordPress: Automatically Translate Websites versions = 2.31...

7.2CVSS5.2AI score0.00316EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2026/06/05 7:40 p.m.12 views

CVE-2026-25901

Lack of output escaping leads to a XSS vector in the multilingual associations component...

6.9CVSS5.4AI score0.00175EPSS
Exploits0References1
Fedora
Fedora
added 2026/06/04 1:36 a.m.15 views

[SECURITY] Fedora 43 Update: roundcubemail-1.6.16-1.fc43

RoundCube Webmail is a browser-based multilingual IMAP client with an application-like user interface. It provides full functionality you expect from an e-mail client, including MIME support, address book, folder manipulation, message searching and spell checking. RoundCube Webmail is written in...

8.1CVSS5.8AI score0.00764EPSS
Exploits1
Fedora
Fedora
added 2026/06/03 12:52 a.m.14 views

[SECURITY] Fedora 44 Update: roundcubemail-1.7.1-1.fc44

RoundCube Webmail is a browser-based multilingual IMAP client with an application-like user interface. It provides full functionality you expect from an e-mail client, including MIME support, address book, folder manipulation, message searching and spell checking. RoundCube Webmail is written in...

8.1CVSS5.8AI score0.00764EPSS
Exploits1
OSV
OSV
added 2026/05/28 8:45 a.m.9 views

BIT-JOOMLA-2026-25901 Joomla! Core - [20260502] - XSS in com_associations

Lack of output escaping leads to a XSS vector in the multilingual associations component...

6.9CVSS5.8AI score0.00175EPSS
Exploits0References2
NVD
NVD
added 2026/05/26 5:16 p.m.14 views

CVE-2026-25901

Lack of output escaping leads to a XSS vector in the multilingual associations component...

6.9CVSS0.00175EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/26 4:44 p.m.13 views

CVE-2026-25901 Joomla! Core - [20260502] - XSS in com_associations

Lack of output escaping leads to a XSS vector in the multilingual associations component...

6.9CVSS5.8AI score0.00175EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/26 4:44 p.m.9 views

CVE-2026-25901

Lack of output escaping leads to a XSS vector in the multilingual associations component...

6.9CVSS5.8AI score0.00175EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/05/26 4:44 p.m.13 views

EUVD-2026-31882

Lack of output escaping leads to a XSS vector in the multilingual associations component...

6.9CVSS5.8AI score0.00175EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.12 views

Joomla! CMS 跨站脚本漏洞

Joomla! CMS is a content management system developed under the open source Joomla! framework. Joomla! CMS has a cross-site scripting vulnerability, which stems from the lack of output escaping. This vulnerability may lead to cross-site scripting attacks in multilingual integrated components...

6.9CVSS5.6AI score0.00175EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/26 12:0 a.m.15 views

PT-2026-43288

Name of the Vulnerable Software and Affected Versions Joomla CMS affected versions not specified Description Lack of output escaping in the multilingual associations component allows for a Cross-Site Scripting XSS vector. XSS is a flaw where an attacker injects malicious scripts into content...

6.9CVSS5.8AI score0.00175EPSS
Exploits0References4
Rows per page
Query Builder