Lucene search
K

57 matches found

NVD
NVD
added 2026/06/08 2:16 a.m.10 views

CVE-2021-47982

WordPress Plugin WP-Paginate 2.1.3 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by manipulating the preset parameter. Attackers can submit POST requests to the plugin settings page with script payloads in the preset parameter...

6.4CVSS0.00187EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/08 1:55 a.m.8 views

CVE-2021-47982

WordPress Plugin WP-Paginate 2.1.3 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by manipulating the preset parameter. Attackers can submit POST requests to the plugin settings page with script payloads in the preset parameter...

6.4CVSS5.2AI score0.00187EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2026/06/08 1:55 a.m.44 views

CVE-2021-47982 WordPress Plugin WP-Paginate 2.1.3 Stored XSS via preset

WordPress Plugin WP-Paginate 2.1.3 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by manipulating the preset parameter. Attackers can submit POST requests to the plugin settings page with script payloads in the preset parameter...

6.4CVSS0.00187EPSS
Exploits0References3
CVE
CVE
added 2026/06/08 1:55 a.m.21 views

CVE-2021-47982

Summary: CVE-2021-47982 affects WordPress plugin WP-Paginate 2.1.3 with a stored XSS via the preset parameter. Authenticated attackers can submit payloads in the preset field through the plugin settings page; payloads are stored and later executed when administrators view the settings. The record...

6.4CVSS5.2AI score0.00187EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/08 1:55 a.m.12 views

EUVD-2021-34848

WordPress Plugin WP-Paginate 2.1.3 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by manipulating the preset parameter. Attackers can submit POST requests to the plugin settings page with script payloads in the preset parameter...

6.4CVSS5.2AI score0.00187EPSS
Exploits0References3
OSV
OSV
added 2026/06/04 1:49 p.m.4 views

ROOT-APP-NPM-CVE-2025-25288 CVE-2025-25288 in @rootio/octokit__plugin-paginate-rest - Patched by Root

Root has patched CVE-2025-25288 in the @rootio/octokitplugin-paginate-rest package for Root:npm. Multiple fixed versions available...

5.3CVSS6.5AI score0.0058EPSS
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-0864

Malware in sbrugna...

7.5CVSS7.5AI score0.02589EPSS
Exploits1References8
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2021-34080

Malicious code in bioql PyPI...

4.8CVSS5.2AI score0.00798EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/05/22 10:20 p.m.7 views

CVE-2022-2050

The WP-Paginate WordPress plugin before 2.1.9 does not escape one of its settings, which could allow high privilege users to perform Stored Cross-Site Scripting attacks when unfilteredhtml is disallowed...

4.8CVSS5.9AI score0.00493EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:25 p.m.6 views

CVE-2020-27543

The restify-paginate package 0.0.5 for Node.js allows remote attackers to cause a Denial-of-Service by omitting the HTTP Host header. A Restify-based web service would crash with an uncaught exception...

7.5CVSS6.9AI score0.02589EPSS
Exploits1
Github Security Blog
Github Security Blog
added 2025/02/14 5:57 p.m.17 views

@octokit/plugin-paginate-rest has a Regular Expression in iterator Leads to ReDoS Vulnerability Due to Catastrophic Backtracking

Summary For the npm package @octokit/plugin-paginate-rest, when calling octokit.paginate.iterator, a specially crafted octokit instance—particularly with a malicious link parameter in the headers section of the request—can trigger a ReDoS attack. Details The issue occurs at line 39 of iterator.ts...

5.3CVSS6.8AI score0.0058EPSS
Exploits0References6Affected Software1
Positive Technologies
Positive Technologies
added 2025/02/14 12:0 a.m.7 views

PT-2025-7071

Name of the Vulnerable Software and Affected Versions: @octokit/plugin-paginate-rest versions 1.0.0 through 11.4.1 Description: The issue is a Regular Expression Denial of Service ReDoS vulnerability that can be triggered when calling octokit.paginate.iterator with a specially crafted octokit...

5.3CVSS6.4AI score0.0058EPSS
Exploits0References13
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/06/25 1:48 p.m.4 views

Malicious code in alphabetical-paginate (RubyGems)

--- -= Per source details. Do not edit below this line.=-...

7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/06/25 1:48 p.m.4 views

Malicious code in alphabetical-paginate_uk (RubyGems)

--- -= Per source details. Do not edit below this line.=-...

7AI score
Exploits0References1
OSV
OSV
added 2024/06/25 1:48 p.m.6 views

MAL-2024-6593 Malicious code in alphabetical-paginate (RubyGems)

--- -= Per source details. Do not edit below this line.=-...

7.1AI score
Exploits0References1
OSV
OSV
added 2024/06/25 1:48 p.m.8 views

MAL-2024-6592 Malicious code in alphabetic-paginate (RubyGems)

--- -= Per source details. Do not edit below this line.=-...

7.1AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/06/25 1:48 p.m.6 views

Malicious code in alphabetic-paginate (RubyGems)

--- -= Per source details. Do not edit below this line.=-...

7AI score
Exploits0References1
OSV
OSV
added 2024/01/11 4:27 p.m.3 views

GHSA-H374-MM57-879C Authenticated (user role) SQL injection in `OrderAndPaginate` (GHSL-2023-270)

Summary The OrderAndPaginate function is used to order and paginate data. It is defined as follows: go func OrderAndPaginatec gin.Context funcdb gorm.DB gorm.DB return funcdb gorm.DB gorm.DB sort := c.DefaultQuery"order", "desc" order := fmt.Sprintf"%s %s", DefaultQueryc, "sortby", "id", sort db ...

7CVSS5.7AI score0.00584EPSS
Exploits1References7
CNVD
CNVD
added 2022/07/13 12:0 a.m.21 views

WordPress WP-Paginate plugin cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

4.8CVSS4.7AI score0.00493EPSS
Exploits2References1
ATTACKERKB
ATTACKERKB
added 2022/07/11 1:15 p.m.4 views

CVE-2022-2050

The WP-Paginate WordPress plugin before 2.1.9 does not escape one of its settings, which could allow high privilege users to perform Stored Cross-Site Scripting attacks when unfilteredhtml is disallowed...

4.8CVSS5.9AI score0.00493EPSS
Exploits2References2
Rows per page
Query Builder