Lucene search
K

19 matches found

CVE
CVE
added 2026/06/15 8:19 p.m.15 views

CVE-2026-52702

CVE-2026-52702 affects the WordPress plugin “SEO Redirection” (versions ≤ 9.17). The vulnerability is an unauthenticated Cross Site Scripting (XSS) flaw reported in multiple sources. The connected documents identify the affected product and version range and confirm an XSS impact but do not provi...

7.1CVSS5.1AI score0.00145EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/15 8:19 p.m.9 views

CVE-2026-52702 WordPress SEO Redirection plugin <= 9.17 - Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting XSS in SEO Redirection = 9.17 versions...

7.1CVSS5.1AI score0.00145EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/15 8:19 p.m.31 views

CVE-2026-52702 WordPress SEO Redirection plugin <= 9.17 - Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting XSS in SEO Redirection = 9.17 versions...

7.1CVSS0.00145EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.12 views

PT-2026-49524

Unauthenticated Cross Site Scripting XSS in SEO Redirection = 9.17 versions...

7.1CVSS5.1AI score0.00145EPSS
Exploits0References2
NVD
NVD
added 2026/02/11 9:16 p.m.23 views

CVE-2024-50620

Unrestricted Upload of File with Dangerous Type vulnerabilities exist in the rich text editor and document manage components in CIPPlanner CIPAce before 9.17. An authorized user can upload executable files when inserting images in the rich text editor, and upload executable files when uploading...

8.8CVSS0.00289EPSS
Exploits0References2
NVD
NVD
added 2026/02/11 8:16 p.m.4 views

CVE-2024-50618

A Use of Single-factor Authentication vulnerability in the Authentication component of CIPPlanner CIPAce before 9.17 allows attackers to bypass a protection mechanism. When the system is configured to allow login with internal accounts, an attacker can possibly obtain full authentication if the...

4.3CVSS0.00243EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/02/11 12:0 a.m.3 views

CVE-2024-50619

Vulnerabilities in the My Account and User Management components in CIPPlanner CIPAce before 9.17 allows attackers to escalate their access levels. A low-privileged authenticated user can gain access to other people's accounts by tampering with the client's user id to change their account...

5.5AI score0.00232EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/02/11 12:0 a.m.3 views

CVE-2024-50617

Vulnerabilities in the File Download and Get File handler components in CIPPlanner CIPAce before 9.17 allow attackers to download unauthorized files. An authenticated user can easily change the file id parameter or pass the physical file path in the URL query string to retrieve the files. Retriev...

5.3AI score0.00232EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/02/11 12:0 a.m.10 views

CIPPlanner CIPAce 安全漏洞

CIPPlanner CIPAce is a business process automation and application development platform provided by the American company CIPPlanner. Versions of CIPPlanner CIPAce prior to version 9.17 contained security vulnerabilities. These vulnerabilities stemmed from the use of single-factor authentication i...

4.3CVSS5.8AI score0.00243EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/02/11 12:0 a.m.6 views

PT-2026-7655

Name of the Vulnerable Software and Affected Versions CIPPlanner CIPAce versions prior to 9.17 Description A weakness exists in the Authentication component of CIPPlanner CIPAce that allows attackers to bypass a security measure. Specifically, the system’s reliance on single-factor authentication...

4.3CVSS5.4AI score0.00243EPSS
Exploits0References5
OSV
OSV
added 2025/07/14 11:15 a.m.3 views

CVE-2024-51769

An information disclosure vulnerability exists in HPE AutoPass License Server APLS prior to 9.17...

7.5CVSS5.8AI score0.00363EPSS
Exploits0References1
OSV
OSV
added 2025/07/14 11:15 a.m.7 views

CVE-2024-51767

An authentication bypass vulnerability exists in HPE AutoPass License Server APLS prior to 9.17...

7.3CVSS5.8AI score0.01138EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2025/07/14 10:26 a.m.4 views

CVE-2024-51768

An hsqldb-related remote code execution vulnerability exists in HPE AutoPass License Server APLS prior to 9.17...

8CVSS7.8AI score0.00368EPSS
Exploits0References2
Patchstack
Patchstack
added 2024/08/13 2:54 a.m.7 views

WordPress Category Posts Widget < 4.9.17- Admin+ Stored XSS vulnerability

WordPress Category Posts Widget 4.9.17- Admin+ Stored XSS vulnerability discovered by Dmitrii Ignatyev in WordPress Plugin Category Posts Widget versions 4.9.17...

4.8CVSS6.1AI score0.00415EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2024/07/16 10:15 p.m.6 views

CVE-2024-5817

An Incorrect Authorization vulnerability was identified in GitHub Enterprise Server that allowed read access to issue content via GitHub Projects. This was only exploitable in internal repositories and required the attacker to have access to the corresponding project board. This vulnerability...

6.5CVSS5.8AI score0.00514EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2024/05/20 12:0 a.m.6 views

PT-2024-5352 · Argo Cd · Argo Cd

Name of the Vulnerable Software and Affected Versions: Argo CD versions prior to 2.11.3 Argo CD versions prior to 2.10.12 Argo CD versions prior to 2.9.17 Description: Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. It’s possible for authenticated users to enumerate...

4.3CVSS7AI score0.00408EPSS
Exploits0References16
Patchstack
Patchstack
added 2024/05/01 6:19 a.m.5 views

WordPress Essential Addons for Elementor plugin <= 5.9.17 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by wesley wcraft in WordPress Plugin Essential Addons for Elementor versions = 5.9.17...

6.4CVSS5.7AI score0.00602EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2023/05/15 8:50 p.m.15 views

GHSA-WHPJ-8F3W-67P5 vm2 Sandbox Escape vulnerability

A sandbox escape vulnerability exists in vm2 for versions up to 3.9.17. It abuses an unexpected creation of a host object based on the specification of Proxy. Impact A threat actor can bypass the sandbox protections to gain remote code execution rights on the host running the sandbox. Patches Thi...

9.8CVSS7.6AI score0.05642EPSS
Exploits1References6
CNVD
CNVD
added 2020/04/22 12:0 a.m.5 views

Joomla! access control error vulnerability (CNVD-2020-25676)

Joomla! is the U.S. Open Source Matters team of a set of PHP and MySQL development using open source , cross-platform content management system CMS. An Access Control Error vulnerability exists in Joomla! versions prior to 3.9.17 that stems from an incorrect ACL check and can be exploited by an...

5.3CVSS6.8AI score0.0076EPSS
Exploits0References1
Rows per page
Query Builder