Lucene search
+L

431 matches found

nuclei
nuclei
added yesterday49 views

Pagination by BestWebSoft < 1.0.7 - Cross-Site Scripting

The pagination plugin before 1.0.7 for WordPress has multiple XSS issues. id: CVE-2017-18527 info: name: Pagination by BestWebSoft 1.0.7 - Cross-Site Scripting author: luisfelipe146 severity: medium description: | The pagination plugin before 1.0.7 for WordPress has multiple XSS issues. impact: |...

6.1CVSS6.4AI score0.01688EPSS
Exploits1References4
nvd
nvd
added 2 days ago7 views

CVE-2026-50182

WWBN AVideo is an open source video platform. Versions prior to 29.0 contain an unauthenticated Reflected XSS vulnerability through AVideo YouTubeAPI Gallery Pagination. The $GET'search' query parameter is concatenated directly into the href attribute of two pagination links in...

6.1CVSS0.00178EPSS
Exploits0References2
cve
cve
added 2 days ago17 views

CVE-2026-50182

Summary (CVE-2026-50182) WWBN AVideo (API + YouTubeAPI + Layout plugins) is affected. Versions prior to 29.0 contain an unauthenticated Reflected XSS via the $_GET['search'] parameter used in the YouTubeAPI gallery pagination. The payload is injected into the hrefs of the previous/next page links...

6.1CVSS6.3AI score0.00178EPSS
Exploits0References2
cve
cve
added 3 days ago7 views

CVE-2026-15643

CVE-2026-15643 concerns AWS HealthLake MCP Server (awslabs.healthlake-mcp-server) prior to 0.0.14. A server-side request forgery in the pagination handling component can be exploited by a remote authenticated user to exfiltrate AWS temporary security credentials to an attacker-controlled endpoint...

9.2CVSS6.2AI score0.0022EPSS
Exploits0References2
mscve
mscve
added 6 days ago3 views

NATS Server: Remote crash via integer overflow in Connz pagination

...

7.7CVSS6.1AI score0.0056EPSS
Exploits0
nvd
nvd
added 6 days ago5 views

CVE-2026-12426

The Members – Membership & User Role Editor Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.2.22 via the membersfilterprotectedpostsforrest. This makes it possible for unauthenticated attackers to extract determine the existence...

5.3CVSS0.00273EPSS
Exploits0References6
cvelist
cvelist
added 6 days ago30 views

CVE-2026-12426 Members <= 3.2.22 - Unauthenticated Sensitive Information Disclosure via REST API Pagination Side Channel

The Members – Membership & User Role Editor Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.2.22 via the membersfilterprotectedpostsforrest. This makes it possible for unauthenticated attackers to extract determine the existence...

5.3CVSS0.00273EPSS
Exploits0References6
euvd
euvd
added 6 days ago5 views

EUVD-2026-43125

The Members – Membership & User Role Editor Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.2.22 via the membersfilterprotectedpostsforrest. This makes it possible for unauthenticated attackers to extract determine the existence...

5.3CVSS6.1AI score0.00273EPSS
Exploits0References6
cve
cve
added 6 days ago16 views

CVE-2026-12426

The CVE-2026-12426 affects the WordPress plugin Members – Membership & User Role Editor, up to version 3.2.22. The vulnerability enables unauthenticated attackers to perform sensitive information exposure via the REST API pagination side channel, using the members_filter_protected_posts_for_rest ...

5.3CVSS6.1AI score0.00273EPSS
Exploits0References6
cve
cve
added 2026/07/09 3:32 p.m.12 views

CVE-2026-59209

n8n is an open source workflow automation platform. Affected versions prior to 1.123.61, 2.27.4, and 2.28.1 expose a vulnerability where an authenticated user with editor access to a shared workflow can read credential-populated headers via the $request object inside an HTTP Request node’s pagina...

7.1CVSS5.9AI score0.00294EPSS
Exploits0References3Affected Software1
cvelist
cvelist
added 2026/07/09 3:32 p.m.36 views

CVE-2026-59209 n8n: Shared Credential Header Leak via HTTP Request Pagination Expression

n8n is an open source workflow automation platform. Prior to 1.123.61, 2.27.4, and, 2.28.1, an authenticated member with use-only editor access to a shared workflow could read credential-populated headers exposed via the $request object inside an HTTP Request node's pagination expression and...

7.1CVSS0.00294EPSS
Exploits0References3
euvd
euvd
added 2026/07/09 3:32 p.m.7 views

EUVD-2026-42613

n8n is an open source workflow automation platform. Prior to 1.123.61, 2.27.4, and, 2.28.1, an authenticated member with use-only editor access to a shared workflow could read credential-populated headers exposed via the $request object inside an HTTP Request node's pagination expression and...

7.1CVSS5.9AI score0.00294EPSS
Exploits0References3
osv
osv
added 2026/07/09 3:32 p.m.2 views

CVE-2026-59209 n8n: Shared Credential Header Leak via HTTP Request Pagination Expression

n8n is an open source workflow automation platform. Prior to 1.123.61, 2.27.4, and, 2.28.1, an authenticated member with use-only editor access to a shared workflow could read credential-populated headers exposed via the $request object inside an HTTP Request node's pagination expression and...

7.1CVSS6.1AI score0.00294EPSS
Exploits0References5
ptsecurity
ptsecurity
added 2026/07/09 12:0 a.m.8 views

PT-2026-56826

Name of the Vulnerable Software and Affected Versions n8n versions prior to 1.123.61 n8n versions prior to 2.27.4 n8n versions prior to 2.28.1 Description An authenticated member with use-only editor access to a shared workflow can read credential-populated headers exposed via the $request object...

7.1CVSS6.1AI score0.00294EPSS
Exploits0References8
snyk
snyk
added 2026/07/08 10:38 p.m.6 views

Integer Overflow or Wraparound

Overview github.com/nats-io/nats-server/v2/server is an A simple, secure and performant communications system for digital systems, services and devices. Affected versions of this package are vulnerable to Integer Overflow or Wraparound in the Connz connection monitoring pagination handler, which...

7.7CVSS6.2AI score0.0056EPSS
Exploits0References2
snyk
snyk
added 2026/07/08 10:38 p.m.5 views

Integer Overflow or Wraparound

Overview github.com/nats-io/nats-server/server is an A simple, secure and performant communications system for digital systems, services and devices. Affected versions of this package are vulnerable to Integer Overflow or Wraparound in the Connz connection monitoring pagination handler, which...

7.7CVSS6.2AI score0.0056EPSS
Exploits0References2
nvd
nvd
added 2026/07/08 9:16 p.m.7 views

CVE-2026-58207

NATS Server is a high-performance server for NATS.io, the cloud and edge native messaging system. Prior to 2.14.3 and 2.12.12, a client able to send account-scoped connection monitoring requests could crash the server by supplying Connz pagination Offset and Limit values that overflowed internal...

7.7CVSS0.0056EPSS
Exploits0References5
cvelist
cvelist
added 2026/07/08 8:15 p.m.33 views

CVE-2026-58207 NATS Server: Remote crash via integer overflow in Connz pagination

NATS Server is a high-performance server for NATS.io, the cloud and edge native messaging system. Prior to 2.14.3 and 2.12.12, a client able to send account-scoped connection monitoring requests could crash the server by supplying Connz pagination Offset and Limit values that overflowed internal...

7.7CVSS0.0056EPSS
Exploits0References5
cve
cve
added 2026/07/08 8:15 p.m.7 views

CVE-2026-58207

CVE-2026-58207 affects NATS Server. A client sending account-scoped Connz pagination requests could cause an integer overflow in the pagination logic, crashing the server before the response window is bounded. Affected versions are before 2.14.3 and before 2.12.12; fixed releases are 2.14.3 and 2...

7.7CVSS6AI score0.0056EPSS
Exploits0References5Affected Software1
osv
osv
added 2026/07/08 8:15 p.m.4 views

CVE-2026-58207 NATS Server: Remote crash via integer overflow in Connz pagination

NATS Server is a high-performance server for NATS.io, the cloud and edge native messaging system. Prior to 2.14.3 and 2.12.12, a client able to send account-scoped connection monitoring requests could crash the server by supplying Connz pagination Offset and Limit values that overflowed internal...

7.7CVSS6.1AI score0.0056EPSS
Exploits0References7
Rows per page
Query Builder