Lucene search
+L

474 matches found

nuclei
nuclei
added 6 hours ago13 views

Tandoor Recipes < 1.5.24 - Jinja2 SSTI RCE

Tandoor Recipes 1.5.24 has a Jinja2 SSTI vulnerability that allows command execution via recipe steps. id: CVE-2025-23211 info: name: Tandoor Recipes 1.5.24 - Jinja2 SSTI RCE author: sammiee5311 severity: critical description: | Tandoor Recipes 1.5.24 has a Jinja2 SSTI vulnerability that allows...

9.9CVSS6.2AI score0.03464EPSS
Exploits1References4
nvd
nvd
added 6 hours ago6 views

CVE-2026-15099

The Delicious Recipes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'steps' block attribute in versions up to, and including, 1.10.2. This is due to insufficient input sanitization and output escaping in the wrapdirectiontext function, which interpolates the...

6.4CVSS
Exploits0References5
cvelist
cvelist
added 8 hours ago9 views

CVE-2026-15099 WP Delicious <= 1.10.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'steps' Block Attribute

The Delicious Recipes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'steps' block attribute in versions up to, and including, 1.10.2. This is due to insufficient input sanitization and output escaping in the wrapdirectiontext function, which interpolates the...

6.4CVSS
Exploits0References5
cve
cve
added 8 hours ago7 views

CVE-2026-15099

The CVE-2026-15099 instance concerns the Delicious Recipes WordPress plugin (

6.4CVSS6.2AI score
Exploits0References5
euvd
euvd
added 8 hours ago4 views

EUVD-2026-44883

The Delicious Recipes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'steps' block attribute in versions up to, and including, 1.10.2. This is due to insufficient input sanitization and output escaping in the wrapdirectiontext function, which interpolates the...

6.4CVSS6.2AI score
Exploits0References5
nvd
nvd
added 2026/06/26 3:16 p.m.9 views

CVE-2026-57663

Contributor SQL Injection in Recipe Maker For Your Food Blog from Zip Recipes = 8.2.7 versions...

8.5CVSS0.00211EPSS
Exploits0References1
euvd
euvd
added 2026/06/26 2:53 p.m.9 views

EUVD-2026-39668

Contributor SQL Injection in Recipe Maker For Your Food Blog from Zip Recipes = 8.2.7 versions...

8.5CVSS5.8AI score0.00211EPSS
Exploits0References1
cvelist
cvelist
added 2026/06/26 2:53 p.m.36 views

CVE-2026-57663 WordPress Recipe Maker For Your Food Blog from Zip Recipes plugin <= 8.2.7 - SQL Injection vulnerability

Contributor SQL Injection in Recipe Maker For Your Food Blog from Zip Recipes = 8.2.7 versions...

8.5CVSS0.00211EPSS
Exploits0References1
attackerkb
attackerkb
added 2026/06/26 2:53 p.m.7 views

CVE-2026-57663

Contributor SQL Injection in Recipe Maker For Your Food Blog from Zip Recipes = 8.2.7 versions...

8.5CVSS5.8AI score0.00211EPSS
Exploits0References2
cve
cve
added 2026/06/26 2:53 p.m.19 views

CVE-2026-57663

CVE-2026-57663 describes a SQL Injection vulnerability in the WordPress plugin Zip Recipes (Recipe Maker For Your Food Blog) versions

8.5CVSS5.8AI score0.00211EPSS
Exploits0References1
patchstack
patchstack
added 2026/06/26 1:26 p.m.287 views

WordPress Recipe Maker For Your Food Blog from Zip Recipes plugin <= 8.2.7 - SQL Injection vulnerability

SQL Injection vulnerability discovered by ParkHyunWoo in WordPress Plugin Recipe Maker For Your Food Blog from Zip Recipes versions = 8.2.7...

8.5CVSS5.8AI score0.00211EPSS
Exploits0Affected Software1
ptsecurity
ptsecurity
added 2026/06/26 12:0 a.m.12 views

PT-2026-52833

Name of the Vulnerable Software and Affected Versions Recipe Maker For Your Food Blog from Zip Recipes versions prior to 8.2.8 Description A SQL Injection issue exists that allows exploitation at the contributor level. SQL Injection is a technique where an attacker inserts malicious SQL code into...

8.5CVSS5.9AI score0.00211EPSS
Exploits0References3
nvd
nvd
added 2026/06/19 5:16 p.m.13 views

CVE-2017-20278

Joomla Component JoomRecipe 1.0.3 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the category parameter. Attackers can send GET requests to the all-recipes endpoint with malicious SQL payloads in the...

8.8CVSS0.00237EPSS
Exploits0References2
euvd
euvd
added 2026/06/19 4:44 p.m.8 views

EUVD-2017-19005

Joomla Component JoomRecipe 1.0.3 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the category parameter. Attackers can send GET requests to the all-recipes endpoint with malicious SQL payloads in the...

8.8CVSS6AI score0.00237EPSS
Exploits0References2
attackerkb
attackerkb
added 2026/06/19 4:44 p.m.9 views

CVE-2017-20278

Joomla Component JoomRecipe 1.0.3 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the category parameter. Attackers can send GET requests to the all-recipes endpoint with malicious SQL payloads in the...

8.8CVSS6AI score0.00237EPSS
Exploits0References2Affected Software1
ptsecurity
ptsecurity
added 2026/06/19 12:0 a.m.18 views

PT-2026-50959

Name of the Vulnerable Software and Affected Versions JoomRecipe version 1.0.3 Description An SQL injection allows unauthenticated attackers to manipulate database queries by injecting SQL code through the category parameter. This is achieved by sending GET requests to the 'all-recipes' endpoint...

8.8CVSS6AI score0.00237EPSS
Exploits0References5
redhatcve
redhatcve
added 2026/06/05 7:10 p.m.14 views

CVE-2026-35489

Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. Prior to 2.6.4, the POST /api/food/id/shopping/ endpoint reads amount and unit directly from request.data and passes them without validation to ShoppingListEntry.objects.create. Invalid amount...

7.3CVSS5.5AI score0.00224EPSS
Exploits1References1
packetstormnews
packetstormnews
added 2026/05/30 12:0 a.m.24 views

NICE: A Framework for Declarative and Machine-Checkable Vulnerability Reproduction

Reproducing software vulnerabilities is fundamental to security researchers, open-source maintainers, and educators. Yet, vulnerabilities remain hard to reproduce today, and even when they can be reproduced, recreating a software environment where the vulnerability can be exploited becomes harder...

5.8AI score
Exploits0
packetstormnews
packetstormnews
added 2026/05/25 12:0 a.m.26 views

FuzzPilot: Plateau-Triggered Recipe Validation for Structured Text Fuzzing

FuzzPilot is a controller for AFL++ that moves expensive reasoning out of the mutation hot path. When coverage plateaus, it snapshots the corpus, prepares candidate mutation recipes, evaluates them in short isolated AFL++ micro-campaigns, and promotes only recipes with positive validation reward...

5.8AI score
Exploits0
spring
spring
added 2026/05/11 12:0 a.m.11 views

Spring Office Hours Podcast: S5E15 - Upgrading Spring and OSS Security

Join Dan Vega and DaShaun Carter for the latest updates from the Spring Ecosystem. In this episode, Dan and DaShaun tackle two challenges every Spring developer faces: keeping applications up to date and staying ahead of security vulnerabilities in open source dependencies. They explore how AI...

5.8AI score
Exploits0
Rows per page
Query Builder