6191 matches found
CVE-2025-54352
WordPress 3.5 through 6.8.2 allows remote attackers to guess titles of private and draft posts via pingback.ping XML-RPC requests. NOTE: the Supplier is not changing this behavior...
CVE-2025-7871
creationtimestamp| type| source ---|---|--- 2025-07-20 08:01:31+00:00| seen| https://bsky.app/profile/potato.software/post/3luez47hg2m26 2025-07-20 09:04:23+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3luf4mmd6rp2t 2025-07-22 03:54:24+00:00| seen|...
Mattermost 安全漏洞
Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. A security vulnerability exists in Mattermost versions 10.5.6 and prior 10.5.x, 10.8.1 and prior 10.8.x, 10.7.3 and prior 10.7.x, and 9.11.16 and prior 9.11.x. The vulnerability stems from a failure to...
PT-2025-30017 · Mattermost · Mattermost
Name of the Vulnerable Software and Affected Versions: Mattermost versions 9.11.x through 9.11.16 Mattermost versions 10.5.x through 10.5.6 Mattermost versions 10.7.x through 10.7.3 Mattermost versions 10.8.x through 10.8.1 Description: The software fails to verify authorization when retrieving...
CVE-2025-50716
creationtimestamp| type| source ---|---|--- 2025-07-17 05:19:03+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/44314 2025-07-17 09:00:05+00:00| published-proof-of-concept| Telegram/7jZsAyPbO79zokTMCWqKa300rRL4Jcpz3nrbkvQl9AGhI 2025-11-22 15:36:07+00:00| published-proof-of-concept|...
CVE-2025-53941
creationtimestamp| type| source ---|---|--- 2025-07-17 02:22:56+00:00| seen| https://bsky.app/profile/hollo.hollo.social.ap.brid.gy/post/3lu4uro24kpm2 2025-07-17 02:23:44+00:00| seen| https://bsky.app/profile/hollo.hollo.social.ap.brid.gy/post/3lu4ut6pad4m2 2025-07-17 02:25:35+00:00| seen|...
CVE-2024-44254
creationtimestamp| type| source ---|---|--- 2025-07-15 04:32:32+00:00| seen| https://bsky.app/profile/lizp.bsky.social/post/3lty33vrqss2d 2025-07-15 04:32:34+00:00| seen| https://bsky.app/profile/lizp.bsky.social/post/3lty33w7hc22d 2025-10-01 18:11:57+00:00| seen|...
CVE-2024-44269
creationtimestamp| type| source ---|---|--- 2025-07-15 04:32:32+00:00| seen| https://bsky.app/profile/lizp.bsky.social/post/3lty33vrqss2d 2025-07-15 04:32:34+00:00| seen| https://bsky.app/profile/lizp.bsky.social/post/3lty33w7hc22d...
CVE-2025-38246
creationtimestamp| type| source ---|---|--- 2025-07-09 11:00:56+00:00| seen| https://bsky.app/profile/bluesky.awakari.com/post/3ltjnyvpawd23 2025-07-09 11:03:50+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3ltjnywgzguu2 2025-07-09...
CVE-2025-41665
creationtimestamp| type| source ---|---|--- 2025-07-08 07:11:01+00:00| seen| https://infosec.exchange/users/certvde/statuses/114816362788303261 2025-07-08 07:11:10+00:00| seen| https://bsky.app/profile/certvde.infosec.exchange.ap.brid.gy/post/3ltgqovnswf72 2025-07-08 09:42:38+00:00| seen|...
CVE-2025-24004
creationtimestamp| type| source ---|---|--- 2025-07-08 07:08:53+00:00| seen| https://infosec.exchange/users/certvde/statuses/114816354360150951 2025-07-08 07:10:33+00:00| seen| https://bsky.app/profile/certvde.infosec.exchange.ap.brid.gy/post/3ltgql3inq6b2...
CVE-2025-30943
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Aakif Kadiwala Posts Slider Shortcode posts-slider-shortcode allows DOM-Based XSS.This issue affects Posts Slider Shortcode: from n/a through = 1.0...
CVE-2025-5920
The Sharable Password Protected Posts before version 1.1.1 allows access to password protected posts by providing a secret key in a GET parameter. However, the key is exposed by the REST API...
CVE-2025-30943
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Aakif Kadiwala Posts Slider Shortcode posts-slider-shortcode allows DOM-Based XSS.This issue affects Posts Slider Shortcode: from n/a through = 1.0...
CVE-2025-30943
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Aakif Kadiwala Posts Slider Shortcode posts-slider-shortcode allows DOM-Based XSS.This issue affects Posts Slider Shortcode: from n/a through = 1.0...
CVE-2025-30943 WordPress Posts Slider Shortcode plugin <= 1.0 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Aakif Kadiwala Posts Slider Shortcode posts-slider-shortcode allows DOM-Based XSS.This issue affects Posts Slider Shortcode: from n/a through = 1.0...
CVE-2025-30943
CVE-2025-30943 concerns WordPress plugin Posts Slider Shortcode . The vulnerability is due to improper neutralization of input during web page generation, enabling DOM-based XSS . Affected software is the Posts Slider Shortcode plugin for WordPress, versions up to 1.0 (likely inclusive). The CVE ...
WordPress plugin Posts Slider Shortcode Cross-Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...
WordPress plugin Sharable Password Protected Posts 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation, and WordPress plugin is an application plugin. An information disclosure vulnerability exists in WordPress Sharable Password Protected Posts, which stems from the REST API exposing a key that can be exploited by an...
PT-2025-27886 · Unknown · Aakif Kadiwala Posts Slider Shortcode
Name of the Vulnerable Software and Affected Versions: Aakif Kadiwala Posts Slider Shortcode versions 1.0 and earlier Description: The issue is related to improper neutralization of input during web page generation, which allows for DOM-Based Cross-site Scripting XSS. This means that an attacker...