Lucene search
K

493 matches found

RedhatCVE
RedhatCVE
added 2026/02/12 7:33 a.m.7 views

CVE-2026-1893

The Orbisius Random Name Generator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'btnlabel' parameter in the 'orbisiusrandomnamegenerator' shortcode in all versions up to, and including, 1.0.2 due to insufficient input sanitization and output escaping. This makes it...

6.4CVSS5.7AI score0.00227EPSS
Exploits0References1
CVE
CVE
added 2026/02/11 4:36 a.m.23 views

CVE-2026-1893

The CVE affects Orbisius Random Name Generator for WordPress. Description: Stored Cross-Site Scripting via the btn_label shortcode attribute in orbisius_random_name_generator, affect versions up to 1.0.2. Root cause: insufficient input sanitization and output escaping. Impact: authenticated attac...

6.4CVSS5.7AI score0.00227EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/02/11 4:36 a.m.5 views

CVE-2026-1893

The Orbisius Random Name Generator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'btnlabel' parameter in the 'orbisiusrandomnamegenerator' shortcode in all versions up to, and including, 1.0.2 due to insufficient input sanitization and output escaping. This makes it...

6.4CVSS5.7AI score0.00227EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/02/11 4:36 a.m.26 views

CVE-2026-1893 Orbisius Random Name Generator <= 1.0.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'btn_label' Shortcode Attribute

The Orbisius Random Name Generator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'btnlabel' parameter in the 'orbisiusrandomnamegenerator' shortcode in all versions up to, and including, 1.0.2 due to insufficient input sanitization and output escaping. This makes it...

6.4CVSS0.00227EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/02/11 4:36 a.m.3 views

CVE-2026-1893 Orbisius Random Name Generator <= 1.0.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'btn_label' Shortcode Attribute

The Orbisius Random Name Generator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'btnlabel' parameter in the 'orbisiusrandomnamegenerator' shortcode in all versions up to, and including, 1.0.2 due to insufficient input sanitization and output escaping. This makes it...

6.4CVSS5.7AI score0.00227EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/02/11 12:0 a.m.11 views

WordPress plugin Orbisius Random Name Generator 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

6.4CVSS5.6AI score0.00227EPSS
Exploits0References3
Snyk
Snyk
added 2025/11/24 8:33 p.m.1 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...

9.8CVSS6.8AI score
Exploits0References3
Snyk
Snyk
added 2025/11/24 4:24 p.m.4 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...

9.8CVSS6.8AI score
Exploits0References3
Snyk
Snyk
added 2025/11/24 4:24 p.m.2 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...

9.8CVSS6.8AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.7 views

Malicious code in neuromorphic-cybernetics-cosmogenic-neutronstar (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 160b9ee422b1614bc10ab76b17cfd59829dd820e115922f452f8253b0f2750f1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSV
OSV
added 2025/11/13 3:23 a.m.3 views

MAL-2025-186823 Malicious code in error-alpha-sanitize-sanitize-daemon (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1c05a938b12a3f015427b82e19d6772e1ff1d896c7088a090df2f14ff244015e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.5 views

Malicious code in easy-emulate-try-psi-balance (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4b725c2958c571c434e5ee27ebe65d6524758ba7da779226c50ea40f71bbbdba This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.5 views

Malicious code in config-pipe-promise-start (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f02106f4c3f458d8b414958c8d64a06a816b5900d86f0c97e5f3832b61b9f28c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.6 views

Malicious code in blaze-transport-eridanus-singularitarianism (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 132336594566f83353e8d26153b7eaa947954f4e3280dca688c1d21777f60534 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.6 views

Malicious code in archaeometry-accretion-avior-panspermia (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 75cacb75c83f3d611e28110f6eecd72ad718397db46669eab7ed2b3d26a8e33c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.4 views

Malicious code in earth-protected-gamma-test-star (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 607017a42bce9e56670763a33b409d170584375240403b448fd7b4741454f5f1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSV
OSV
added 2025/11/13 3:23 a.m.3 views

MAL-2025-187961 Malicious code in mechatronics-deneb-bunyan-radiant (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d599caec2bfcecde9b1d411603b07dd551398020115dfb5d3378fb712c2a9951 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSV
OSV
added 2025/11/13 3:23 a.m.3 views

MAL-2025-189186 Malicious code in repository-heka-nestjs-mesosphere (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 280a9a067b4d3a3569af0705929db53acb6d1cabc8a723c0f0e6fbe9a4024fb4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSV
OSV
added 2025/11/13 3:23 a.m.4 views

MAL-2025-186635 Malicious code in double-rain-protected-import-monitor (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8581e04e65ec57750c45a77518bc0bde32027cce7cec3092673048972abc390a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSV
OSV
added 2025/11/13 3:23 a.m.4 views

MAL-2025-187306 Malicious code in heka-mdx-kaus-indus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 272c8eefdcedd52dab7dc0dd7eef12e6f770658cedcd0d14ba9ec787e9ad9cb3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
Rows per page
Query Builder