Lucene search
+L

737 matches found

euvd
euvd
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-5060

Malicious code in bioql PyPI...

6.5CVSS6.1AI score0.01108EPSS
Exploits0References5
euvd
euvd
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-2288

Malicious code in bioql PyPI...

8.8CVSS8.5AI score0.00537EPSS
Exploits0References3
euvd
euvd
added 2025/10/03 8:7 p.m.13 views

EUVD-2022-5196

Malicious code in bioql PyPI...

4.3CVSS4.9AI score0.00717EPSS
Exploits0References4
euvd
euvd
added 2025/10/03 8:7 p.m.12 views

EUVD-2024-47679

Malicious code in bioql PyPI...

8.5CVSS6.6AI score0.00302EPSS
Exploits0References1
euvd
euvd
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-12295

Malicious code in bioql PyPI...

6.4CVSS8.7AI score0.00253EPSS
Exploits0References6
euvd
euvd
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-12292

Malicious code in bioql PyPI...

6.4CVSS7.2AI score0.00253EPSS
Exploits0References7
euvd
euvd
added 2025/10/03 8:7 p.m.11 views

EUVD-2022-4773

Malicious code in bioql PyPI...

5.3CVSS5.6AI score0.00897EPSS
Exploits0References4
osv
osv
added 2025/09/05 5:10 p.m.1 views

MAL-2025-45420 Malicious code in offer-ocean-dead (npm)

The package offer-ocean-dead was found to contain malicious code...

7AI score
Exploits0
ossf
ossf
added 2025/09/05 5:10 p.m.2 views

Malicious code in offer-ocean-dead (npm)

The package offer-ocean-dead was found to contain malicious code...

7AI score
Exploits0
cnvd
cnvd
added 2025/09/02 12:0 a.m.2 views

WordPress Ocean Extra plugin cross-site scripting vulnerability

WordPress Ocean Extra plugin is a free plugin for the WordPress platform, designed for the OceanWP theme, aiming to enhance the website building experience by adding extra functionality and flexibility. A cross-site scripting vulnerability exists in the WordPress Ocean Extra plugin, which stems...

6.4CVSS6.1AI score0.00232EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/09/01 5:27 a.m.6 views

CVE-2025-9499

The Ocean Extra plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's oceanwplibrary shortcode in all versions up to, and including, 2.4.9 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

6.4CVSS5.1AI score0.00232EPSS
Exploits0References1
nvd
nvd
added 2025/08/30 5:15 a.m.5 views

CVE-2025-9499

The Ocean Extra plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's oceanwplibrary shortcode in all versions up to, and including, 2.4.9 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

6.4CVSS0.00232EPSS
Exploits0References4
cve
cve
added 2025/08/30 4:25 a.m.22 views

CVE-2025-9499

CVE-2025-9499 refers to a Stored Cross‑Site Scripting vulnerability in the WordPress Ocean Extra plugin (versions up to and including 2.4.9). The issue stems from insufficient input sanitization and output escaping in the oceanwp_library shortcode, enabling an authenticated attacker with contribu...

6.4CVSS4.7AI score0.00232EPSS
Exploits0References4
vulnrichment
vulnrichment
added 2025/08/30 4:25 a.m.1 views

CVE-2025-9499 Ocean Extra <= 2.4.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via oceanwp_library Shortcode

The Ocean Extra plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's oceanwplibrary shortcode in all versions up to, and including, 2.4.9 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

6.4CVSS4.7AI score0.00232EPSS
Exploits0References4
cvelist
cvelist
added 2025/08/30 4:25 a.m.6 views

CVE-2025-9499 Ocean Extra <= 2.4.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via oceanwp_library Shortcode

The Ocean Extra plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's oceanwplibrary shortcode in all versions up to, and including, 2.4.9 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

6.4CVSS0.00232EPSS
Exploits0References4
patchstack
patchstack
added 2025/08/30 12:2 a.m.6 views

WordPress Ocean Extra plugin <= 2.4.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via oceanwp_library Shortcode vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via oceanwplibrary Shortcode vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin Ocean Extra versions = 2.4.9...

6.4CVSS5.6AI score0.00232EPSS
Exploits0References1Affected Software1
cnnvd
cnnvd
added 2025/08/30 12:0 a.m.3 views

WordPress plugin Ocean Extra 跨站脚本漏洞

WordPress Ocean Extra plugin is a free plugin for the WordPress platform, designed for the OceanWP theme, aiming to enhance the website building experience by adding extra functionality and flexibility. A cross-site scripting vulnerability exists in the WordPress Ocean Extra plugin, which stems...

6.4CVSS6AI score0.00232EPSS
Exploits0References6
redhatcve
redhatcve
added 2025/08/15 4:34 a.m.9 views

CVE-2025-8891

The OceanWP theme for WordPress is vulnerable to Cross-Site Request Forgery in versions 4.0.9 to 4.1.1. This is due to missing or incorrect nonce validation on the oceanwpnoticebuttonclick function. This makes it possible for unauthenticated attackers to install the Ocean Extra plugin via a forge...

4.3CVSS6.7AI score0.00205EPSS
Exploits1References1
ossf
ossf
added 2025/08/14 6:52 p.m.1 views

Malicious code in xenon-ocean-ltz904-project (npm)

The package xenon-ocean-ltz904-project was found to contain malicious code...

7AI score
Exploits0
ossf
ossf
added 2025/08/14 6:52 p.m.3 views

Malicious code in kiwi-ocean-ojn981-project (npm)

The package kiwi-ocean-ojn981-project was found to contain malicious code...

7AI score
Exploits0
Rows per page
Query Builder