Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:32 p.m.11 views

CVE-2026-6700

The DX Sources plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0.1. This is due to missing or incorrect nonce validation on the settingspagebuild function. This makes it possible for unauthenticated attackers to trick a logged-in...

4.3CVSS5.4AI score0.00128EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/01 12:0 a.m.24 views

PT-2026-45438

Name of the Vulnerable Software and Affected Versions VeronaLabs WP Statistics versions prior to 14.16.6 Description Improper neutralization of input during web page generation allows for DOM-Based Cross-Site Scripting XSS, a flaw where the application contains client-side JavaScript that process...

7.1CVSS5.8AI score0.00212EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/05 3:31 a.m.7 views

EUVD-2026-27203

The DX Sources plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0.1. This is due to missing or incorrect nonce validation on the settingspagebuild function. This makes it possible for unauthenticated attackers to trick a logged-in...

4.3CVSS5.7AI score0.00128EPSS
Exploits0References6
NVD
NVD
added 2026/05/05 3:16 a.m.19 views

CVE-2026-6700

The DX Sources plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0.1. This is due to missing or incorrect nonce validation on the settingspagebuild function. This makes it possible for unauthenticated attackers to trick a logged-in...

4.3CVSS0.00128EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.10 views

WordPress plugin DX Sources 跨站请求伪造漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

4.3CVSS5.7AI score0.00128EPSS
Exploits0References1
CVE
CVE
added 2025/08/14 6:21 p.m.20 views

CVE-2025-53581

CVE-2025-53581 is a stored XSS vulnerability in the artiosmedia RSS Feed Pro WordPress plugin (versions up to 1.1.8). The root cause is improper input neutralization during web page generation, allowing stored JavaScript in the feed output. Impact: low to moderate per CVSS 3.1 metrics (base score...

5.9CVSS5.9AI score0.00225EPSS
Exploits0References1
OSV
OSV
added 2022/06/08 9:23 a.m.7 views

SUSE-SU-2022:2015-1 Security update for gcc48

This update for gcc48 fixes the following issues: - CVE-2019-14250: Fixed an integer overflow that could lead to an invalid memory access bsc1142649. Non-security fixes: - Fixed an issue with manual page builds bsc1185395. - Fixed an issue with static initializers bsc1177947. - Fixed an issue wit...

5.5CVSS6.4AI score0.02317EPSS
Exploits1References7
Rows per page
Query Builder