Lucene search
+L

70 matches found

EUVD
EUVD
added 2026/07/01 1:34 p.m.9 views

EUVD-2026-40991

Incorrect Privilege Assignment vulnerability in LCweb PrivateContent allows Privilege Escalation. This issue affects PrivateContent: from n/a through 9.9.2...

9.8CVSS5.8AI score0.00292EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/07/01 1:34 p.m.7 views

CVE-2026-57692

Incorrect Privilege Assignment vulnerability in LCweb PrivateContent allows Privilege Escalation. This issue affects PrivateContent: from n/a through 9.9.2...

9.8CVSS5.8AI score0.00292EPSS
Exploits0References2
Patchstack
Patchstack
added 2026/07/01 1:32 p.m.6 views

WordPress PrivateContent plugin <= 9.9.2 - Privilege Escalation vulnerability

Privilege Escalation vulnerability discovered by 0xd4rk5id3 in WordPress Plugin PrivateContent versions = 9.9.2...

9.8CVSS5.8AI score0.00292EPSS
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2026/07/01 12:0 a.m.8 views

PT-2026-54886

Name of the Vulnerable Software and Affected Versions PrivateContent versions prior to 9.9.2 Description An incorrect privilege assignment in LCweb PrivateContent enables privilege escalation, allowing a user to gain higher levels of access than intended. Recommendations Update PrivateContent to...

9.8CVSS5.9AI score0.00292EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/05 7:28 p.m.10 views

CVE-2026-4025

The PrivateContent Free plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'align' shortcode attribute in the pc-login-form shortcode in all versions up to, and including, 1.2.0. This is due to insufficient input sanitization and output escaping on the 'align' attribute...

6.4CVSS5.7AI score0.00276EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/04/09 6:36 p.m.5 views

WordPress PrivateContent Free plugin <= 1.2.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'align' Shortcode Attribute vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via 'align' Shortcode Attribute vulnerability discovered by Gilang - DJ in WordPress Plugin PrivateContent Free versions = 1.2.0...

6.4CVSS5.9AI score0.00276EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2026/04/08 12:31 p.m.5 views

EUVD-2026-20431

The PrivateContent Free plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'align' shortcode attribute in the pc-login-form shortcode in all versions up to, and including, 1.2.0. This is due to insufficient input sanitization and output escaping on the 'align' attribute...

6.4CVSS6.1AI score0.00276EPSS
Exploits0References9
NVD
NVD
added 2026/04/08 10:16 a.m.8 views

CVE-2026-4025

The PrivateContent Free plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'align' shortcode attribute in the pc-login-form shortcode in all versions up to, and including, 1.2.0. This is due to insufficient input sanitization and output escaping on the 'align' attribute...

6.4CVSS0.00276EPSS
Exploits0References8
Vulnrichment
Vulnrichment
added 2026/04/08 9:25 a.m.3 views

CVE-2026-4025 PrivateContent Free <= 1.2.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'align' Shortcode Attribute

The PrivateContent Free plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'align' shortcode attribute in the pc-login-form shortcode in all versions up to, and including, 1.2.0. This is due to insufficient input sanitization and output escaping on the 'align' attribute...

6.4CVSS6.1AI score0.00276EPSS
Exploits0References8
Cvelist
Cvelist
added 2026/04/08 9:25 a.m.31 views

CVE-2026-4025 PrivateContent Free <= 1.2.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'align' Shortcode Attribute

The PrivateContent Free plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'align' shortcode attribute in the pc-login-form shortcode in all versions up to, and including, 1.2.0. This is due to insufficient input sanitization and output escaping on the 'align' attribute...

6.4CVSS0.00276EPSS
Exploits0References8
CVE
CVE
added 2026/04/08 9:25 a.m.15 views

CVE-2026-4025

CVE-2026-4025 affects the PrivateContent Free WordPress plugin (pre-1.2.0). The flaw is a Stored XSS in the [pc-login-form] shortcode via the align attribute, caused by insufficient sanitization and lack of escaping when the attribute flows from the shortcode to pc_static::form_align() and is con...

6.4CVSS6.1AI score0.00276EPSS
Exploits0References8
ATTACKERKB
ATTACKERKB
added 2026/04/08 9:25 a.m.1 views

CVE-2026-4025

The PrivateContent Free plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'align' shortcode attribute in the pc-login-form shortcode in all versions up to, and including, 1.2.0. This is due to insufficient input sanitization and output escaping on the 'align' attribute...

6.4CVSS6.1AI score0.00276EPSS
Exploits0References9
CNNVD
CNNVD
added 2026/04/08 12:0 a.m.7 views

WordPress plugin PrivateContent Free 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

6.4CVSS5.8AI score0.00276EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/04/08 12:0 a.m.11 views

PT-2026-31286

Name of the Vulnerable Software and Affected Versions PrivateContent Free versions up to and including 1.2.0 Description The PrivateContent Free plugin for WordPress is susceptible to Stored Cross-Site Scripting through the 'align' shortcode attribute within the pc-login-form shortcode. This occu...

6.4CVSS5.8AI score0.00276EPSS
Exploits0References12
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-7726

Malicious code in bioql PyPI...

8.5CVSS6.6AI score0.00307EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2025-7725

Malicious code in bioql PyPI...

7.1CVSS6.6AI score0.00213EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-5442

Malicious code in bioql PyPI...

9.8CVSS8.7AI score0.00592EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-19981

Malicious code in bioql PyPI...

7.5CVSS6.4AI score0.00422EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-12621

Malicious code in bioql PyPI...

5.3CVSS6.4AI score0.00734EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-7724

Malicious code in bioql PyPI...

8.3CVSS6.6AI score0.00283EPSS
Exploits0References1
Rows per page
Query Builder