CVE-2025-41665

creationtimestamp| type| source ---|---|--- 2025-07-08 07:11:01+00:00| seen| https://infosec.exchange/users/certvde/statuses/114816362788303261 2025-07-08 07:11:10+00:00| seen| https://bsky.app/profile/certvde.infosec.exchange.ap.brid.gy/post/3ltgqovnswf72 2025-07-08 09:42:38+00:00| seen|...

CVE-2025-24004

creationtimestamp| type| source ---|---|--- 2025-07-08 07:08:53+00:00| seen| https://infosec.exchange/users/certvde/statuses/114816354360150951 2025-07-08 07:10:33+00:00| seen| https://bsky.app/profile/certvde.infosec.exchange.ap.brid.gy/post/3ltgql3inq6b2...

CVE-2025-30943

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Aakif Kadiwala Posts Slider Shortcode posts-slider-shortcode allows DOM-Based XSS.This issue affects Posts Slider Shortcode: from n/a through = 1.0...

CVE-2025-5920

The Sharable Password Protected Posts before version 1.1.1 allows access to password protected posts by providing a secret key in a GET parameter. However, the key is exposed by the REST API...

CVE-2025-30943

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Aakif Kadiwala Posts Slider Shortcode posts-slider-shortcode allows DOM-Based XSS.This issue affects Posts Slider Shortcode: from n/a through = 1.0...

CVE-2025-30943

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Aakif Kadiwala Posts Slider Shortcode posts-slider-shortcode allows DOM-Based XSS.This issue affects Posts Slider Shortcode: from n/a through = 1.0...

CVE-2025-30943 WordPress Posts Slider Shortcode plugin <= 1.0 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Aakif Kadiwala Posts Slider Shortcode posts-slider-shortcode allows DOM-Based XSS.This issue affects Posts Slider Shortcode: from n/a through = 1.0...

CVE-2025-30943

CVE-2025-30943 concerns WordPress plugin Posts Slider Shortcode . The vulnerability is due to improper neutralization of input during web page generation, enabling DOM-based XSS . Affected software is the Posts Slider Shortcode plugin for WordPress, versions up to 1.0 (likely inclusive). The CVE ...

WordPress plugin Posts Slider Shortcode Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...

WordPress plugin Sharable Password Protected Posts 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation, and WordPress plugin is an application plugin. An information disclosure vulnerability exists in WordPress Sharable Password Protected Posts, which stems from the REST API exposing a key that can be exploited by an...

PT-2025-27886 · Unknown · Aakif Kadiwala Posts Slider Shortcode

Name of the Vulnerable Software and Affected Versions: Aakif Kadiwala Posts Slider Shortcode versions 1.0 and earlier Description: The issue is related to improper neutralization of input during web page generation, which allows for DOM-Based Cross-site Scripting XSS. This means that an attacker...

CVE-2025-1220

creationtimestamp| type| source ---|---|--- 2025-07-03 14:27:44+00:00| seen| https://bsky.app/profile/remirepo.net/post/3lt2wr5vznc2z 2025-07-03 14:28:48+00:00| seen| https://bsky.app/profile/remirepo.net/post/3lt2wt3iuzk2z 2025-07-14 10:07:49+00:00| seen|...

CVE-2025-46647

creationtimestamp| type| source ---|---|--- 2025-07-02 11:04:26+00:00| seen| https://seclists.org/oss-sec/2025/q3/2 2025-07-02 13:27:06+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lsycvsiflh2r 2025-07-02 13:30:55+00:00| seen|...

CVE-2025-6297

creationtimestamp| type| source ---|---|--- 2025-07-01 17:08:44+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/20063 2025-10-15 19:34:49+00:00| seen| https://bsky.app/profile/gcpweekly.bsky.social/post/3m3ayfyuasw2c 2025-10-15 19:34:52+00:00| seen|...

CVE-2025-49845

Discourse is an open-source discussion platform. The visibility of posts typed whisper is controlled via the whispersallowedgroups site setting. Only users that belong to groups specified in the site setting are allowed to view posts typed whisper. However, it has been discovered that users of...

CVE-2025-49845 Discourse users are able to see their own whispers even after being removed from a group that has been configured to see whispers

Discourse is an open-source discussion platform. The visibility of posts typed whisper is controlled via the whispersallowedgroups site setting. Only users that belong to groups specified in the site setting are allowed to view posts typed whisper. However, it has been discovered that users of...

CVE-2025-36038

creationtimestamp| type| source ---|---|--- 2025-06-25 14:40:06+00:00| seen| https://bsky.app/profile/knaepp.bsky.social/post/3lsgtpvjx5z2f 2025-06-25 15:05:03+00:00| seen| https://bsky.app/profile/knaepp.bsky.social/post/3lsgv4jwtd522 2025-06-25 21:45:07+00:00| seen|...

CVE-2025-6543

creationtimestamp| type| source ---|---|--- 2025-06-25 12:51:00+00:00| seen| https://thehackernews.com/2025/06/citrix-releases-emergency-patches-for.html 2025-06-25 13:50:50+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/19439 2025-06-25 14:54:41+00:00| exploited|...

Discourse 信息泄露漏洞

Discourse is an open source community discussion platform from Discourse Open Source. The platform includes features such as communities, email, and chat rooms. An information disclosure vulnerability exists in Discourse versions prior to 3.4.6 and prior to 3.5.0.beta8-dev, which stems from users...

PT-2025-26841 · Discourse · Discourse

Name of the Vulnerable Software and Affected Versions: Discourse versions prior to 3.4.6 Discourse versions prior to 3.5.0.beta8-dev Description: Discourse is an open-source discussion platform where the visibility of posts typed whisper is controlled via the whispers allowed groups site setting...