Lucene search
K

27 matches found

ATTACKERKB
ATTACKERKB
added 2026/05/07 2:59 a.m.5 views

CVE-2026-41659

Admidio is an open-source user management solution. Prior to version 5.0.9, the member assignment DataTables endpoint membersassignmentdata.php includes hidden profile fields BIRTHDAY, STREET, CITY, POSTCODE, COUNTRY in its SQL search condition regardless of field visibility settings. While the...

2.7CVSS5.8AI score0.00258EPSS
Exploits0References3Affected Software1
EUVD
EUVD
added 2026/05/07 2:59 a.m.11 views

EUVD-2026-28270

Admidio is an open-source user management solution. Prior to version 5.0.9, the member assignment DataTables endpoint membersassignmentdata.php includes hidden profile fields BIRTHDAY, STREET, CITY, POSTCODE, COUNTRY in its SQL search condition regardless of field visibility settings. While the...

2.7CVSS5.8AI score0.00258EPSS
Exploits0References2
EUVD
EUVD
added 2025/11/24 1:55 p.m.5 views

EUVD-2025-198754

Malicious code in @actbase/react-daum-postcode npm...

6.6AI score
Exploits0References1
OSV
OSV
added 2025/11/24 1:55 p.m.3 views

MAL-2025-190708 Malicious code in @actbase/react-daum-postcode (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3b6730961ddc6bcfd14bc8564e2a8ef3d34d757e1ffae65ed7ff88232e115104 The package @actbase/react-daum-postcode was found to contain malicious code. Source: ghsa-malware...

6.8AI score
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-29679

Malicious code in bioql PyPI...

5.9CVSS6.4AI score0.00369EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-30709

Malicious code in bioql PyPI...

5.3CVSS6.5AI score0.00308EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/09/24 6:30 p.m.5 views

CVE-2025-57923

Insertion of Sensitive Information Into Sent Data vulnerability in Ideal Postcodes UK Address Postcode Validation uk-address-postcode-validation allows Retrieve Embedded Sensitive Data.This issue affects UK Address Postcode Validation: from n/a through = 3.9.2...

5.3CVSS5.9AI score0.00308EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/09/22 7:33 p.m.4 views

WordPress UK Address Postcode Validation plugin <= 3.9.2 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Nabil Irawan in WordPress Plugin UK Address Postcode Validation versions = 3.9.2...

5.3CVSS6.9AI score0.00308EPSS
Exploits0Affected Software1
NVD
NVD
added 2025/09/22 7:15 p.m.3 views

CVE-2025-57923

Insertion of Sensitive Information Into Sent Data vulnerability in Ideal Postcodes UK Address Postcode Validation uk-address-postcode-validation allows Retrieve Embedded Sensitive Data.This issue affects UK Address Postcode Validation: from n/a through = 3.9.2...

5.3CVSS0.00308EPSS
Exploits0References1
CVE
CVE
added 2025/09/22 6:25 p.m.19 views

CVE-2025-57923

CVE-2025-57923 concerns the UK Address Postcode Validation WordPress plugin. The initial description notes an Insertion of Sensitive Information into Sent Data vulnerability that exposes an API key, allowing unauthorized use and depletion of API credits when the default configuration is used. Aff...

5.3CVSS5.9AI score0.00308EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/09/22 6:25 p.m.9 views

CVE-2025-57923 WordPress UK Address Postcode Validation plugin <= 3.9.2 - Sensitive Data Exposure vulnerability

Insertion of Sensitive Information Into Sent Data vulnerability in Ideal Postcodes UK Address Postcode Validation uk-address-postcode-validation allows Retrieve Embedded Sensitive Data.This issue affects UK Address Postcode Validation: from n/a through = 3.9.2...

5.3CVSS0.00308EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/09/22 6:25 p.m.3 views

CVE-2025-57923 WordPress UK Address Postcode Validation Plugin <= 3.9.2 - Sensitive Data Exposure Vulnerability

An Insertion of Sensitive Information into Sent Data vulnerability in the Ideal Postcodes UK Address Postcode Validation WordPress plugin exposes the API key, allowing unauthorized third parties to retrieve and reuse the key across any domain. Since API keys are unrestricted by default, with the...

5.3CVSS6.3AI score0.00308EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/09/22 12:0 a.m.6 views

PT-2025-38774

Name of the Vulnerable Software and Affected Versions Ideal Postcodes UK Address Postcode Validation versions through 3.9.2 Description A flaw exists in the UK Address Postcode Validation software that allows for the retrieval of embedded sensitive data through the insertion of sensitive...

5.3CVSS6.2AI score0.00308EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/09/22 12:0 a.m.6 views

WordPress plugin UK Address Postcode Validation Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, with the ability to host personal blog sites on PHP and MySQL based servers.WordPress...

5.3CVSS5.8AI score0.00308EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:25 a.m.8 views

CVE-2023-25782

Auth. admin+ vulnerability in Second2none Service Area Postcode Checker plugin = 2.0.8 versions...

5.9CVSS6.9AI score0.00369EPSS
Exploits0References1
Patchstack
Patchstack
added 2023/07/18 12:0 a.m.10 views

WordPress Postcode Redirect Plugin <= 4.4.1 is vulnerable to Cross Site Scripting (XSS)

Software Postcode Redirect Type Plugin Vulnerable versions = 4.4.1 Fixed in 5.0.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 2d5e1edfc5f4 Credits Rafie Muhammad Patchstack...

6.8AI score0.00284EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2023/03/20 10:15 a.m.5 views

CVE-2023-25782

Auth. admin+ vulnerability in Second2none Service Area Postcode Checker plugin = 2.0.8 versions...

4.8CVSS6.7AI score0.00369EPSS
Exploits0References1
NVD
NVD
added 2023/03/20 10:15 a.m.9 views

CVE-2023-25782

Auth. admin+ vulnerability in Second2none Service Area Postcode Checker plugin = 2.0.8 versions...

5.9CVSS5.7AI score0.00369EPSS
Exploits0References1
CVE
CVE
added 2023/03/20 9:49 a.m.39 views

CVE-2023-25782

CVE-2023-25782 affects the WordPress plugin Service Area Postcode Checker ≤ 2.0.8. The issue is an authentication-related Cross‑Site Scripting flaw that can be triggered with admin+ privileges, per CVE and vendor records. Root cause described in related advisories is insufficient sanitization/esc...

5.9CVSS5.2AI score0.00369EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2023/03/20 12:0 a.m.4 views

WordPress Plugin Service Area Postcode Checker 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

5.9CVSS6.4AI score0.00369EPSS
Exploits0References2
Rows per page
Query Builder