Lucene search
+L

60 matches found

RedhatCVE
RedhatCVE
added 2026/01/06 5:7 a.m.15 views

CVE-2025-15458

A vulnerability was determined in bg5sbk MiniCMS up to 1.8. This affects an unknown function of the file /mc-admin/post-edit.php of the component Article Handler. Executing a manipulation can lead to improper authentication. It is possible to launch the attack remotely. The exploit has been...

7.5CVSS6.5AI score0.00511EPSS
Exploits1References1
NVD
NVD
added 2026/01/05 5:15 a.m.20 views

CVE-2025-15458

A vulnerability was determined in bg5sbk MiniCMS up to 1.8. This affects an unknown function of the file /mc-admin/post-edit.php of the component Article Handler. Executing a manipulation can lead to improper authentication. It is possible to launch the attack remotely. The exploit has been...

9.8CVSS0.00511EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2026/01/05 5:2 a.m.3 views

CVE-2025-15458 bg5sbk MiniCMS Article post-edit.php improper authentication

A vulnerability was determined in bg5sbk MiniCMS up to 1.8. This affects an unknown function of the file /mc-admin/post-edit.php of the component Article Handler. Executing a manipulation can lead to improper authentication. It is possible to launch the attack remotely. The exploit has been...

7.5CVSS6.2AI score0.00511EPSS
Exploits1References4
Cvelist
Cvelist
added 2026/01/05 5:2 a.m.36 views

CVE-2025-15458 bg5sbk MiniCMS Article post-edit.php improper authentication

A vulnerability was determined in bg5sbk MiniCMS up to 1.8. This affects an unknown function of the file /mc-admin/post-edit.php of the component Article Handler. Executing a manipulation can lead to improper authentication. It is possible to launch the attack remotely. The exploit has been...

7.5CVSS0.00511EPSS
Exploits1References4
CVE
CVE
added 2026/01/05 5:2 a.m.19 views

CVE-2025-15458

CVE-2025-15458 affects bg5sbk MiniCMS

9.8CVSS7.2AI score0.00511EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologies
added 2026/01/05 12:0 a.m.9 views

PT-2026-1212

Name of the Vulnerable Software and Affected Versions bg5sbk MiniCMS versions up to 1.8 Description A flaw exists in bg5sbk MiniCMS that can lead to improper authentication. The issue affects an unknown function within the Article Handler component, specifically in the file /mc-admin/post-edit.ph...

7.5CVSS5.9AI score0.00511EPSS
Exploits1References11
CNNVD
CNNVD
added 2026/01/05 12:0 a.m.8 views

MiniCMS 授权问题漏洞

MiniCMS is a mini content management system designed for personal websites by the individual developer of Dada bg5sbk. An authorization issue vulnerability exists in MiniCMS 1.8 and earlier versions, which stems from an incorrect operation of the file /mc-admin/post-edit.php of the component...

9.8CVSS7.3AI score0.00511EPSS
Exploits1References5
EUVD
EUVD
added 2025/12/31 9:30 p.m.5 views

EUVD-2025-206069

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Christopher Churchill allows Reflected XSS.This issue affects custom-post-edit: from n/a through 1.0.4...

7.1CVSS5.9AI score0.00146EPSS
Exploits0References2
NVD
NVD
added 2025/12/31 8:15 p.m.6 views

CVE-2025-23667

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Christopher Churchill custom-post-edit front-end-post-edit allows Reflected XSS.This issue affects custom-post-edit: from n/a through = 1.0.4...

7.1CVSS0.00146EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/31 7:54 p.m.2 views

CVE-2025-23667 WordPress custom-post-edit plugin <= 1.0.4 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Christopher Churchill allows Reflected XSS.This issue affects custom-post-edit: from n/a through 1.0.4...

7.1CVSS6AI score0.00146EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2025/12/31 7:54 p.m.5 views

CVE-2025-23667

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Christopher Churchill custom-post-edit front-end-post-edit allows Reflected XSS.This issue affects custom-post-edit: from n/a through = 1.0.4...

7.1CVSS7.2AI score0.00146EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/12/31 7:54 p.m.31 views

CVE-2025-23667 WordPress custom-post-edit plugin <= 1.0.4 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Christopher Churchill custom-post-edit front-end-post-edit allows Reflected XSS.This issue affects custom-post-edit: from n/a through = 1.0.4...

7.1CVSS0.00146EPSS
Exploits0References1
CVE
CVE
added 2025/12/31 7:54 p.m.22 views

CVE-2025-23667

CVE-2025-23667 concerns WordPress plugin custom-post-edit (

7.1CVSS7.2AI score0.00146EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/12/31 12:0 a.m.5 views

WordPress plugin custom-post-edit 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...

7.1CVSS7.1AI score0.00146EPSS
Exploits0References1
CVE
CVE
added 2025/11/14 8:3 a.m.19 views

CVE-2025-55073

Mattermost Server contains CVE-2025-55073: versions 10.11.x (&lt;=10.11.3), 10.5.x (&lt;=10.5.11), and 10.12.x (

5.4CVSS6.5AI score0.00179EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/11/14 8:3 a.m.2 views

CVE-2025-55073 MS Teams plugin OAuth allows editing arbitrary posts

Mattermost versions 10.11.x = 10.11.3, 10.5.x = 10.5.11, 10.12.x = 10.12.0 fail to validate the relationship between the post being updated and the MSTeams plugin OAuth flow which allows an attacker to edit arbitrary posts via a crafted MSTeams plugin OAuth redirect URL...

5.4CVSS6.5AI score0.00179EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/11/14 12:0 a.m.6 views

Mattermost 安全漏洞

Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. A security vulnerability exists in Mattermost versions 10.11.3 and prior to 10.11.x, 10.5.11 and prior to 10.5.x, and 10.12.0 and prior to 10.12.x. The vulnerability stems from an unvalidated post upda...

5.4CVSS6.4AI score0.00179EPSS
Exploits0References2
OSV
OSV
added 2025/06/19 10:15 a.m.4 views

CVE-2025-5071

The AI Engine plugin for WordPress is vulnerable to unauthorized modification of data and loss of data due to a missing capability check on the 'MeowMWAILabsMCP::canaccessmcp' function in versions 2.8.0 to 2.8.3. This makes it possible for authenticated attackers, with subscriber-level access and...

8.8CVSS5.8AI score0.00617EPSS
Exploits0References3
Patchstack
Patchstack
added 2025/03/19 11:58 a.m.7 views

WordPress custom-post-edit plugin <= 1.0.4 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro Soares de Alcântara Kinorth in WordPress Plugin custom-post-edit versions = 1.0.4...

7.1CVSS7.5AI score0.00146EPSS
Exploits0Affected Software1
CNNVD
CNNVD
added 2024/10/07 12:0 a.m.6 views

Online News site 安全漏洞

Online News site is an online news site by the individual developer Mobina Jafarian. A security vulnerability exists in Online News site version v1.0, which stems from vulnerability to cross-site scripting XSS attacks and allows an attacker to execute arbitrary code via the title and summary fiel...

6.6CVSS6.5AI score0.0024EPSS
Exploits0References3
Rows per page
Query Builder