Lucene search
+L

56 matches found

Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.19 views

PT-2026-43934

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the DAMON core where the damos quota goal-nid value for node memcg used bp and node memcg free bp is not validated before being used in the NODE-DATA macro. This allow...

7.1CVSS6AI score0.00117EPSS
Exploits0
Packet Storm News
Packet Storm News
added 2026/05/08 12:0 a.m.13 views

On the Security of Research Artifacts

Research artifacts are widely shared to support reproducibility, and artifact evaluation AE has become common at many leading conferences. However, AE mainly checks whether artifacts work as claimed and can be reproduced. It largely overlooks potential security risks. Since these artifacts are...

6AI score
Exploits0
Securelist
Securelist
added 2026/04/15 12:30 p.m.20 views

Threat landscape for industrial automation systems in Q4 2025

Statistics across all threats The percentage of ICS computers on which malicious objects were blocked has been decreasing since the beginning of 2024. In Q4 2025, it was 19.7%. Over the past three years, the percentage has decreased by 1.36 times, and by 1.25 times since Q4 2023. Percentage of IC...

5.8AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/12/07 6:5 a.m.10 views

CVE-2025-12715

The Canadian Nutrition Facts Label plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'percentage' field in the Nutrition Label custom post type in all versions up to, and including, 3.0 due to insufficient input sanitization and output escaping. This makes it possible for...

6.4CVSS5.1AI score0.00162EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/06 6:30 a.m.6 views

EUVD-2025-201524

The Canadian Nutrition Facts Label plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'percentage' field in the Nutrition Label custom post type in all versions up to, and including, 3.0 due to insufficient input sanitization and output escaping. This makes it possible for...

6.4CVSS4.7AI score0.00162EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/12/06 5:49 a.m.2 views

CVE-2025-12715 Canadian Nutrition Facts Label <= 3.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Nutrition Label Custom Post Type

The Canadian Nutrition Facts Label plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'percentage' field in the Nutrition Label custom post type in all versions up to, and including, 3.0 due to insufficient input sanitization and output escaping. This makes it possible for...

6.4CVSS4.8AI score0.00162EPSS
Exploits0References2
CVE
CVE
added 2025/12/06 5:49 a.m.20 views

CVE-2025-12715

CVE-2025-12715 concerns the WordPress plugin Canadian Nutrition Facts Label . It enables a Stored Cross‑Site Scripting (XSS) via the percentage field in the plugin’s Nutrition Label custom post type, affecting all versions up to 3.0. The vulnerability can be exploited by authenticated attackers w...

6.4CVSS4.8AI score0.00162EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/12/06 12:0 a.m.12 views

PT-2025-49334

The Canadian Nutrition Facts Label plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'percentage' field in the Nutrition Label custom post type in all versions up to, and including, 3.0 due to insufficient input sanitization and output escaping. This makes it possible for...

6.4CVSS5.1AI score0.00162EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/10/24 10:38 p.m.6 views

CVE-2025-7730

The Bold Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘percentage’ parameter in all versions up to, and including, 5.4.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level...

6.4CVSS4.9AI score0.00211EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/24 12:30 a.m.6 views

EUVD-2025-35733

The Bold Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘percentage’ parameter in all versions up to, and including, 5.4.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level...

6.4CVSS4.5AI score0.00211EPSS
Exploits0References4
NVD
NVD
added 2025/10/23 11:15 p.m.5 views

CVE-2025-7730

The Bold Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘percentage’ parameter in all versions up to, and including, 5.4.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level...

6.4CVSS0.00211EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/10/23 10:25 p.m.3 views

CVE-2025-7730 Bold Page Builder <= 5.4.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via `percentage` Parameter

The Bold Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘percentage’ parameter in all versions up to, and including, 5.4.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level...

6.4CVSS4.6AI score0.00211EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/10/23 10:25 p.m.9 views

CVE-2025-7730 Bold Page Builder <= 5.4.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via `percentage` Parameter

The Bold Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘percentage’ parameter in all versions up to, and including, 5.4.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level...

6.4CVSS0.00211EPSS
Exploits0References3
CVE
CVE
added 2025/10/23 10:25 p.m.18 views

CVE-2025-7730

CVE-2025-7730 - Bold Page Builder (WordPress) Stored XSS : Wordfence reports a stored cross-site scripting vulnerability in Bold Page Builder up to version 5.4.5, exploitable by authenticated users with Contributor+ permissions via the percentage parameter. The flaw arises from insufficient input...

6.4CVSS4.6AI score0.00211EPSS
Exploits0References3
Patchstack
Patchstack
added 2025/10/23 10:12 p.m.8 views

WordPress Bold Page Builder plugin <= 5.4.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via `percentage` Parameter vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via percentage Parameter vulnerability discovered by Peter Thaleikis in WordPress Plugin Bold Page Builder versions = 5.4.5...

6.4CVSS5.5AI score0.00211EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2025/10/23 12:0 a.m.5 views

WordPress plugin Bold Page Builder 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...

6.4CVSS5.7AI score0.00211EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/08 7:20 a.m.5 views

EUVD-2025-32910

Malicious code in v0-runtime npm...

6.6AI score
Exploits0
CVE
CVE
added 2025/10/07 6:32 p.m.14 views

CVE-2025-11404

SourceCodester Hotel and Lodge Management System 1.0 is affected by CVE-2025-11404 due to an SQL injection in the /pages/save_tax.php file, caused by improper handling of the percentage parameter. An attacker can remotely exploit this vulnerability, and public disclosures exist. The vulnerability...

9.8CVSS6.4AI score0.00323EPSS
Exploits1References5Affected Software1
Positive Technologies
Positive Technologies
added 2025/10/07 12:0 a.m.8 views

PT-2025-41153

Name of the Vulnerable Software and Affected Versions SourceCodester Hotel and Lodge Management System version 1.0 Description A flaw exists in SourceCodester Hotel and Lodge Management System 1.0, specifically within the /pages/save tax.php file. Manipulation of the percentage argument can resul...

9.8CVSS6.7AI score0.00323EPSS
Exploits1References7
Securelist
Securelist
added 2025/09/05 9:0 a.m.16 views

IT threat evolution in Q2 2025. Mobile statistics

IT threat evolution in Q2 2025. Mobile statistics IT threat evolution in Q2 2025. Non-mobile statistics The mobile section of our quarterly cyberthreat report includes statistics on malware, adware, and potentially unwanted software for Android, as well as descriptions of the most notable threats...

6.7AI score
Exploits0
Rows per page
Query Builder