Lucene search
K

44 matches found

NVD
NVD
added 2026/07/06 6:16 p.m.6 views

CVE-2026-12154

The Reviews Widgets for Google, Yelp & TripAdvisor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'pageid' shortcode attribute of the fbrev shortcode in versions up to and including 2.7.3. This is due to insufficient input sanitization and output escaping in the...

6.4CVSS0.00193EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/07/06 5:31 p.m.38 views

CVE-2026-12154 Reviews Widgets for Google, Yelp & TripAdvisor <= 2.7.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'page_id' Shortcode Attribute

The Reviews Widgets for Google, Yelp & TripAdvisor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'pageid' shortcode attribute of the fbrev shortcode in versions up to and including 2.7.3. This is due to insufficient input sanitization and output escaping in the...

6.4CVSS0.00193EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/07/06 5:31 p.m.5 views

CVE-2026-12154

The Reviews Widgets for Google, Yelp & TripAdvisor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'pageid' shortcode attribute of the fbrev shortcode in versions up to and including 2.7.3. This is due to insufficient input sanitization and output escaping in the...

6.4CVSS6AI score0.00193EPSS
Exploits0References6
CVE
CVE
added 2026/07/06 5:31 p.m.21 views

CVE-2026-12154

The CVE concerns the WordPress plugin Reviews Widgets for Google, Yelp & TripAdvisor (fb-reviews-widget)

6.4CVSS6AI score0.00193EPSS
Exploits0References5
NVD
NVD
added 2026/07/01 8:16 a.m.9 views

CVE-2026-10096

The Qi Blocks plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.4.9 via the 'pageid' parameter due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with author-level access and above, t...

4.3CVSS0.00196EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/07/01 7:53 a.m.41 views

CVE-2026-10096 Qi Blocks <= 1.4.9 - Insecure Direct Object Reference to Authenticated (Author+) Arbitrary Style Modification via 'page_id' Parameter

The Qi Blocks plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.4.9 via the 'pageid' parameter due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with author-level access and above, t...

4.3CVSS0.00196EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2015-0566

Malware in sbrugna...

4.3CVSS6.4AI score0.02018EPSS
Exploits2References8
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2014-9067

Malware in sbrugna...

7.5CVSS6.4AI score0.02082EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-2882

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.01197EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2025/05/23 3:47 a.m.7 views

CVE-2023-31940

SQL injection vulnerability found in Online Travel Agency System v.1.0 allows a remote attacker to execute arbitrary code via the pageid parameter at articleedit.php...

7.2CVSS8.6AI score0.0107EPSS
Exploits1References1
NVD
NVD
added 2024/12/14 7:15 a.m.40 views

CVE-2024-11713

The WP Job Portal – A Complete Recruitment System for Company or Job Board website plugin for WordPress is vulnerable to SQL Injection via the 'pageid' parameter of the wpjobportaldeactivate function in all versions up to, and including, 2.2.2 due to insufficient escaping on the user supplied...

4.9CVSS0.0046EPSS
Exploits0References3
NVD
NVD
added 2023/08/17 8:15 p.m.24 views

CVE-2023-31940

SQL injection vulnerability found in Online Travel Agency System v.1.0 allows a remote attacker to execute arbitrary code via the pageid parameter at articleedit.php...

7.2CVSS7.4AI score0.0107EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2023/08/17 12:0 a.m.12 views

CVE-2023-31940

SQL injection vulnerability found in Online Travel Agency System v.1.0 allows a remote attacker to execute arbitrary code via the pageid parameter at articleedit.php...

8.6AI score0.0107EPSS
Exploits1References1
CVE
CVE
added 2023/08/17 12:0 a.m.116 views

CVE-2023-31940

CVE-2023-31940 affects Online Travel Agency System v1.0, with a SQL injection vulnerability in article_edit.php via the page_id parameter. The issue enables a remote attacker to execute arbitrary SQL commands, potentially compromising data confidentiality, integrity, and availability. Several lin...

7.2CVSS7.4AI score0.0107EPSS
Exploits1References1Affected Software1
Github Security Blog
Github Security Blog
added 2022/05/13 1:50 a.m.21 views

Showdoc Unauthenticated Access

ShowDoc 2.4.1 allows remote attackers to edit other users' notes by navigating with a modified pageid...

4.3CVSS6.9AI score0.0126EPSS
Exploits1References6Affected Software1
OSV
OSV
added 2022/05/13 1:50 a.m.20 views

GHSA-PFRC-5HHQ-6HVR Showdoc Unauthenticated Access

ShowDoc 2.4.1 allows remote attackers to edit other users' notes by navigating with a modified pageid...

4.3CVSS4.5AI score0.0126EPSS
Exploits1References6
OSV
OSV
added 2018/11/28 8:29 a.m.15 views

CVE-2018-19620

ShowDoc 2.4.1 allows remote attackers to edit other users' notes by navigating with a modified pageid...

4.3CVSS6.9AI score
Exploits0References3
NVD
NVD
added 2018/11/28 8:29 a.m.15 views

CVE-2018-19620

ShowDoc 2.4.1 allows remote attackers to edit other users' notes by navigating with a modified pageid...

4.3CVSS4.7AI score0.0126EPSS
Exploits1References3
Prion
Prion
added 2018/11/28 8:29 a.m.12 views

Code injection

ShowDoc 2.4.1 allows remote attackers to edit other users' notes by navigating with a modified pageid...

4CVSS4.7AI score0.0126EPSS
Exploits1References3Affected Software1
CNVD
CNVD
added 2018/11/28 12:0 a.m.3 views

ShowDoc Annotation Editing Vulnerability

ShowDoc is an online document sharing tool. A security vulnerability exists in ShowDoc version 2.4.1. A remote attacker can exploit the vulnerability to modify a user's notes with a modified 'pageid' parameter...

4.3CVSS4.8AI score0.0126EPSS
Exploits1References1
Rows per page
Query Builder