Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

21 matches found

EUVD
EUVDadded 2025/10/03 8:7 p.m.1 views

EUVD-2023-50061

Malicious code in bioql PyPI...

7.1CVSS7AI score0.00193EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/05/23 5:1 a.m.4 views

CVE-2023-45772

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Scribit Proofreading plugin = 1.0.11 versions...

7.1CVSS5.9AI score0.00193EPSS
Exploits0
CNNVD
CNNVDadded 2025/05/07 12:0 a.m.2 views

WordPress plugin Supertext Translation and Proofreading 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forgery...

7.1CVSS7.1AI score0.0008EPSS
Exploits0References1
CNVD
CNVDadded 2025/03/27 12:0 a.m.1 views

GPT Academic Cross-Site Scripting Vulnerability

GPT Academic is an interface that provides pragmatic interactions for LLM grand language models such as GPT/GLM. GPT Academic suffers from a cross-site scripting vulnerability that stems from the Latex Proof-Reading Module's lack of effective filtering and escaping of user-supplied data, which ca...

5.4CVSS6.2AI score0.00127EPSS
Exploits1References1
NVD
NVDadded 2025/01/17 7:15 a.m.12 views

CVE-2024-12466

The Proofreading plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'nonce' parameter in all versions up to, and including, 1.2.1.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web...

6.1CVSS0.01914EPSS
Exploits0References3
CVE
CVEadded 2025/01/17 7:1 a.m.40 views

CVE-2024-12466

CVE-2024-12466 – WordPress Proofreading plugin : Reflected XSS via the nonce parameter in all versions up to 1.2.1.1 due to insufficient input sanitization and output escaping. Impact: unauthenticated attacker can inject scripts on pages that run when a user is tricked into an action (e.g., click...

6.1CVSS6AI score0.01914EPSS
Exploits0References3
Cvelist
Cvelistadded 2025/01/17 7:1 a.m.16 views

CVE-2024-12466 Proofreading <= 1.2.1.1 - Reflected Cross-Site Scripting

The Proofreading plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'nonce' parameter in all versions up to, and including, 1.2.1.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web...

6.1CVSS0.01914EPSS
Exploits0References3
Vulnrichment
Vulnrichmentadded 2025/01/17 7:1 a.m.6 views

CVE-2024-12466 Proofreading <= 1.2.1.1 - Reflected Cross-Site Scripting

The Proofreading plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'nonce' parameter in all versions up to, and including, 1.2.1.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web...

6.1CVSS6AI score0.01914EPSS
Exploits0References3
CNNVD
CNNVDadded 2025/01/17 12:0 a.m.1 views

WordPress plugin Proofreading 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

6.1CVSS7.6AI score0.01914EPSS
Exploits0References4
Positive Technologies
Positive Technologiesadded 2025/01/17 12:0 a.m.2 views

PT-2025-1858 · WordPress · Proofreading Plugin

Name of the Vulnerable Software and Affected Versions: Proofreading plugin for WordPress versions up to, and including, 1.2.1.1 Description: The issue is related to Reflected Cross-Site Scripting via the nonce parameter due to insufficient input sanitization and output escaping. This allows...

6.1CVSS8.7AI score0.01914EPSS
Exploits0References8
Patchstack
Patchstackadded 2025/01/16 7:34 p.m.2 views

WordPress Proofreading plugin <= 1.2.1.1 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by vgo0 in WordPress Plugin Proofreading versions = 1.2.1.1...

6.1CVSS6.3AI score0.01914EPSS
Exploits0References1Affected Software1
OSV
OSVadded 2023/10/25 6:17 p.m.1 views

CVE-2023-45772

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Scribit Proofreading plugin = 1.0.11 versions...

6.1CVSS7.3AI score
Exploits0References1
NVD
NVDadded 2023/10/25 6:17 p.m.9 views

CVE-2023-45772

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Scribit Proofreading plugin = 1.0.11 versions...

7.1CVSS6.2AI score0.00193EPSS
Exploits0References1
Prion
Prionadded 2023/10/25 6:17 p.m.10 views

Cross site scripting

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Scribit Proofreading plugin = 1.0.11 versions...

5.8CVSS6AI score0.00193EPSS
Exploits0References1Affected Software1
CNNVD
CNNVDadded 2023/10/25 12:0 a.m.1 views

WordPress Plugin Proofreading Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

7.1CVSS6AI score0.00193EPSS
Exploits0References2
CVE
CVEadded 2023/10/24 12:18 p.m.33 views

CVE-2023-45772

CVE-2023-45772 is an unauthenticated reflected XSS in the Scribit Proofreading WordPress plugin, affected versions ≤ 1.0.11. The issue allows script injection via reflected input. PatchStack states the vulnerability is fixed in version 1.2; remediation is to update to 1.2 or later. Other sources ...

7.1CVSS6AI score0.00193EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichmentadded 2023/10/24 12:18 p.m.18 views

CVE-2023-45772 WordPress Proofreading Plugin <= 1.0.11 is vulnerable to Cross Site Scripting (XSS)

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Scribit Proofreading plugin = 1.0.11 versions...

7.1CVSS5.8AI score0.00193EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2023/10/24 12:0 a.m.2 views

PT-2023-29684 · WordPress · Scribit Proofreading Plugin

Name of the Vulnerable Software and Affected Versions: Scribit Proofreading plugin versions 1.0.11 and earlier Description: The issue is related to an Unauth. Reflected Cross-Site Scripting XSS vulnerability. This allows for malicious scripts to be injected into a website, potentially leading to...

7.1CVSS6.1AI score0.00193EPSS
Exploits0References4
Patchstack
Patchstackadded 2023/10/12 12:0 a.m.8 views

WordPress Proofreading Plugin <= 1.0.11 is vulnerable to Cross Site Scripting (XSS)

Software Proofreading Type Plugin Vulnerable versions = 1.0.11 Fixed in 1.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-45772 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID f9cf0df1a9ff Credits thiennv Required...

7.1CVSS5.6AI score0.00193EPSS
Exploits0References2Affected Software1
CNVD
CNVDadded 2022/01/07 12:0 a.m.16 views

Apache Geode Injection Vulnerability

Apache Geode is an Apache Foundation management platform for providing real-time and consistent access to data for data-intensive applications in distributed cloud architectures. security attributes prefixed with "sysprop-", "javax.net.ssl", or "security-" are vulnerable to logging of sensitive...

7.5CVSS2.6AI score0.00356EPSS
Exploits0References1
Rows per page
Query Builder