6097 matches found
CVE-2026-31368
creationtimestamp| type| source ---|---|--- 2026-04-21 07:26:48+00:00| seen| https://bsky.app/profile/postac001.bsky.social/post/3mjyhfby5pv23 2026-04-21 07:30:34+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3mjyhlzy3vh2c 2026-04-21 09:15:10+00:00| seen|...
CVE-2026-42205
creationtimestamp| type| source ---|---|--- 2026-04-20 20:37:36+00:00| published-proof-of-concept| https://github.com/avo-hq/avo/security/advisories/GHSA-qc5p-3mg5-9fh8 2026-05-08 22:28:42+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mlerpne5yd2r 2026-05-08 22:29:00+00:00...
CVE-2026-2986
The Contextual Related Posts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'otherattributes' parameter in versions up to, and including, 4.2.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
CVE-2026-26944
creationtimestamp| type| source ---|---|--- 2026-04-20 17:21:45+00:00| seen| Telegram/7kKxZY5KjVtNNq82uAZn6qPfMFkWsKJQXsAec31tFmY88 2026-04-20 18:24:06+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mjx3nq4or32c 2026-04-20 18:50:13+00:00| seen|...
CVE-2026-30266
creationtimestamp| type| source ---|---|--- 2026-04-20 14:09:49+00:00| seen| https://t.me/bdufstecru/3092 2026-04-20 18:47:56+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mjx4ycn7lz2r 2026-04-20 18:50:20+00:00| seen|...
CVE-2026-6630
creationtimestamp| type| source ---|---|--- 2026-04-20 12:25:18+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mjwhlzf3kt2k 2026-04-20 13:16:52+00:00| published-proof-of-concept| Telegram/7GNSW27Y2N6zMsJzLht94-sDuqQRdO09nNnVciVhTSt0Y 2026-04-20 13:22:21+00:00| seen|...
CVE-2026-6603
creationtimestamp| type| source ---|---|--- 2026-04-20 07:15:49+00:00| published-proof-of-concept| Telegram/UmvoOoU43UC2jMqfLobJT4zrFIQl61G8LbQOBbZSD5gsLA 2026-04-20 08:19:27+00:00| seen| https://bsky.app/profile/basefortify.bsky.social/post/3mjvzuaeas22y 2026-04-20 08:19:27+00:00| seen|...
Improper Authorization
github.com/mattermost/mattermost-server is vulnerable to improper authorization. The vulnerability is due to failure in validating the relationship between the post being updated and the MSTeams plugin OAuth flow, which allows an attacker to exploit this via a crafted OAuth redirect URL to edit...
CVE-2026-6594
creationtimestamp| type| source ---|---|--- 2026-04-20 03:15:41+00:00| published-proof-of-concept| Telegram/53YGjSkDbPEnJFokQd7pok6KqRvuzpfctV8oYeRU736c 2026-04-20 03:58:52+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mjvlcl2uzl2h 2026-04-20 05:35:15+00:00| seen|...
CVE-2026-6563
creationtimestamp| type| source ---|---|--- 2026-04-19 09:00:30+00:00| seen| https://infosec.exchange/users/offseq/statuses/116430551736901385 2026-04-19 09:00:32+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3mjtlp2da3t22 2026-04-19 09:34:22+00:00| seen|...
CVE-2026-2986
The Contextual Related Posts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'otherattributes' parameter in versions up to, and including, 4.2.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
CVE-2026-2986
The Contextual Related Posts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'otherattributes' parameter in versions up to, and including, 4.2.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
CVE-2026-2986 Contextual Related Posts <= 4.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'other_attributes'
The Contextual Related Posts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'otherattributes' parameter in versions up to, and including, 4.2.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
EUVD-2026-23674
The Contextual Related Posts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'otherattributes' parameter in versions up to, and including, 4.2.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
CVE-2026-2986
The Contextual Related Posts plugin for WordPress is vulnerable to a Stored Cross-Site Scripting (XSS) via the 'other_attributes' parameter in versions up to and including 4.2.1, due to insufficient input sanitization and output escaping. The vulnerability allows authenticated attackers with cont...
CVE-2026-2986 Contextual Related Posts <= 4.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'other_attributes'
The Contextual Related Posts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'otherattributes' parameter in versions up to, and including, 4.2.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
CVE-2026-40492
creationtimestamp| type| source ---|---|--- 2026-04-18 05:18:34+00:00| published-proof-of-concept| Telegram/veDSMFN7ecyhltWdKUwpcYAyE-ogEw-qfchv6YBZH7Zn1oc 2026-04-18 05:38:37+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mjqpx4bamu26 2026-04-18 06:00:28+00:00| seen|...
PT-2026-33602
Name of the Vulnerable Software and Affected Versions Contextual Related Posts versions prior to 4.2.2 Description The Contextual Related Posts plugin for WordPress contains a Stored Cross-Site Scripting issue. Authenticated attackers with contributor-level access or higher can inject arbitrary w...
WordPress plugin Contextual Related Posts 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. Versions...
WordPress Contextual Related Posts plugin <= 4.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by ? in WordPress Plugin Contextual Related Posts versions = 4.2.1...