Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

38 matches found

RedhatCVE
RedhatCVEadded 2026/03/26 5:4 p.m.0 views

CVE-2026-25341

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in RSJoomla! RSFirewall! rsfirewall allows Stored XSS.This issue affects RSFirewall!: from n/a through = 1.1.45...

7.1CVSS5.8AI score0.00045EPSS
Exploits0References1
EUVD
EUVDadded 2026/03/25 6:31 p.m.1 views

EUVD-2026-15653

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in RSJoomla! RSFirewall! rsfirewall allows Stored XSS.This issue affects RSFirewall!: from n/a through = 1.1.45...

7.1CVSS5.8AI score0.00045EPSS
Exploits0References2
NVD
NVDadded 2026/03/25 5:16 p.m.0 views

CVE-2026-25341

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in RSJoomla! RSFirewall! rsfirewall allows Stored XSS.This issue affects RSFirewall!: from n/a through = 1.1.45...

7.1CVSS0.00045EPSS
Exploits0References1
CVE
CVEadded 2026/03/25 4:14 p.m.2 views

CVE-2026-25341

The CVE-2026-25341 entry documents a Stored XSS in WordPress RSFirewall! (RSJoomla! rsfirewall) plugin, affecting versions up to 1.1.45 due to improper input neutralization during web page generation. The vulnerability can be triggered through the affected plugin, with CVSS v3.1 indicating NETWOR...

7.1CVSS5.8AI score0.00045EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/03/25 4:14 p.m.21 views

CVE-2026-25341 WordPress RSFirewall! plugin <= 1.1.45 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in RSJoomla! RSFirewall! rsfirewall allows Stored XSS.This issue affects RSFirewall!: from n/a through = 1.1.45...

7.1CVSS0.00045EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2026/03/25 4:14 p.m.0 views

CVE-2026-25341 WordPress RSFirewall! plugin <= 1.1.45 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in RSJoomla! RSFirewall! rsfirewall allows Stored XSS.This issue affects RSFirewall!: from n/a through = 1.1.45...

7.1CVSS5.8AI score0.00045EPSS
Exploits0References1
CNNVD
CNNVDadded 2026/03/25 12:0 a.m.2 views

WordPress plugin RSFirewall 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application plugin. There is a...

7.1CVSS5.7AI score0.00045EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2026/03/25 12:0 a.m.0 views

PT-2026-27904

Name of the Vulnerable Software and Affected Versions RSFirewall versions prior to 1.1.45 Description The software contains a flaw due to improper handling of user-supplied data during web page creation, which can lead to stored cross-site scripting XSS. This allows an attacker to inject maliciou...

7.1CVSS5.8AI score0.00045EPSS
Exploits0References3
Patchstack
Patchstackadded 2026/03/23 1:9 p.m.1 views

WordPress RSFirewall! plugin <= 1.1.45 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by johska in WordPress Plugin RSFirewall! versions = 1.1.45...

7.1CVSS5.8AI score0.00045EPSS
Exploits0Affected Software1
EUVD
EUVDadded 2025/10/03 8:7 p.m.1 views

EUVD-2021-34084

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.00138EPSS
Exploits1References1
EUVD
EUVDadded 2025/10/03 8:7 p.m.3 views

EUVD-2025-21212

Malicious code in bioql PyPI...

4.9CVSS6.5AI score0.00491EPSS
Exploits0References2
EUVD
EUVDadded 2025/10/03 8:7 p.m.1 views

EUVD-2025-16991

Malicious code in bioql PyPI...

5.4CVSS6.6AI score0.00311EPSS
Exploits0References2
RedhatCVE
RedhatCVEadded 2025/07/14 10:15 a.m.2 views

CVE-2025-7518

The RSFirewall! plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.1.42 via the getlocalfilename function. This makes it possible for authenticated attackers, with Administrator-level access and above, to read the contents of arbitrary files on the server...

4.9CVSS6.1AI score0.00491EPSS
Exploits0References1
NVD
NVDadded 2025/07/12 10:15 a.m.3 views

CVE-2025-7518

The RSFirewall! plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.1.42 via the getlocalfilename function. This makes it possible for authenticated attackers, with Administrator-level access and above, to read the contents of arbitrary files on the server...

4.9CVSS0.00491EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2025/07/12 9:24 a.m.2 views

CVE-2025-7518 RSFirewall! <= 1.1.42 - Authenticated (Admin+) Arbitrary File Read

The RSFirewall! plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.1.42 via the getlocalfilename function. This makes it possible for authenticated attackers, with Administrator-level access and above, to read the contents of arbitrary files on the server...

4.9CVSS6.7AI score0.00491EPSS
Exploits0References2
Cvelist
Cvelistadded 2025/07/12 9:24 a.m.6 views

CVE-2025-7518 RSFirewall! <= 1.1.42 - Authenticated (Admin+) Arbitrary File Read

The RSFirewall! plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.1.42 via the getlocalfilename function. This makes it possible for authenticated attackers, with Administrator-level access and above, to read the contents of arbitrary files on the server...

4.9CVSS0.00491EPSS
Exploits0References2
CVE
CVEadded 2025/07/12 9:24 a.m.21 views

CVE-2025-7518

CVE-2025-7518 affects the WordPress RSFirewall! plugin. A path traversal vulnerability exists in versions through 1.1.42 via the get_local_filename() function, allowing authenticated attackers with Administrator-level access and above to read arbitrary server files. Impact is unauthorized disclos...

4.9CVSS6.2AI score0.00491EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2025/07/12 12:0 a.m.3 views

PT-2025-29316 · WordPress · Rsfirewall

Name of the Vulnerable Software and Affected Versions: RSFirewall! plugin for WordPress versions through 1.1.42 Description: The RSFirewall! plugin for WordPress is susceptible to a Path Traversal issue via the get local filename function. This allows authenticated attackers with...

4.9CVSS6.1AI score0.00491EPSS
Exploits0References7
CNNVD
CNNVDadded 2025/07/12 12:0 a.m.0 views

WordPress plugin RSFirewall 路径遍历漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A path traversal...

4.9CVSS6.6AI score0.00491EPSS
Exploits0References3
RedhatCVE
RedhatCVEadded 2025/06/07 2:6 p.m.9 views

CVE-2025-27445

A path traversal vulnerability in RSFirewall component 2.9.7 - 3.1.5 for Joomla was discovered. This vulnerability allows authenticated users to read arbitrary files outside the Joomla root directory. The flaw is caused by insufficient sanitization of user-supplied input in file path parameters,...

5.4CVSS6.2AI score0.00311EPSS
Exploits0References1
Rows per page
Query Builder