Lucene search
K

133 matches found

Spring Security Advisories
Spring Security Advisories
added 2025/09/04 12:0 a.m.10 views

A Bootiful Podcast: Spring Cloud guru Ryan Baxter

Hi, Spring fans! In this installment we talk to the amazing Spring Cloud contributor Ryan Baxter, live from SpringOne 2025!...

7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.3 views

Malicious code in @zalastax/nolb-_ryan (npm)

The package @zalastax/nolb-ryan was found to contain malicious code...

7AI score
Exploits0
OSV
OSV
added 2025/08/14 6:52 p.m.2 views

MAL-2025-10385 Malicious code in @zalastax/nolb-_ryan (npm)

The package @zalastax/nolb-ryan was found to contain malicious code...

7.2AI score
Exploits0
Patchstack
Patchstack
added 2025/07/02 5:24 a.m.5 views

WordPress Premmerce plugin <= 1.3.19 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Ryan Novotny in WordPress Plugin Premmerce versions = 1.3.19...

7.5CVSS7AI score0.0042EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/06/25 4:31 a.m.6 views

WordPress Coupon Affiliates plugin <= 7.2.0 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Ryan Novotny in WordPress Plugin Coupon Affiliates versions = 7.2.0...

5.3CVSS7AI score0.00249EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2025/06/08 1:19 p.m.8 views

CVE-2025-49429

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ryan Burnette Video Embeds video-embeds allows Stored XSS.This issue affects Video Embeds: from n/a through = 0.1.1...

6.5CVSS5.9AI score0.00174EPSS
Exploits0References1
NVD
NVD
added 2025/06/06 1:15 p.m.17 views

CVE-2025-49429

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ryan Burnette Video Embeds video-embeds allows Stored XSS.This issue affects Video Embeds: from n/a through = 0.1.1...

6.5CVSS0.00174EPSS
Exploits0References1
CVE
CVE
added 2025/06/06 12:54 p.m.52 views

CVE-2025-49429

CVE-2025-49429 is a Stored Cross‑Site Scripting (XSS) in the Video Embeds WordPress plugin. Root cause: improper neutralization of input during web page generation. Affected software: Video Embeds (versions up to 0.1.1; range indicated as from n/a through 0.1.1). Documented CVSS: 3.1 base score 6...

6.5CVSS5.9AI score0.00174EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/06/06 12:0 a.m.14 views

PT-2025-24260 · Unknown · Ryan Burnette Video Embeds

Name of the Vulnerable Software and Affected Versions: Ryan Burnette Video Embeds versions 0.1.1 and earlier Description: The issue is related to improper neutralization of input during web page generation, which allows for Stored XSS attacks. This means that an attacker can inject malicious...

6.5CVSS6AI score0.00174EPSS
Exploits0References3
Patchstack
Patchstack
added 2025/06/03 8:45 a.m.8 views

WordPress WC MyParcel Belgium plugin <= 4.5.5-beta - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Ryan Novotny in WordPress Plugin WC MyParcel Belgium versions = 4.5.5-beta...

7.1CVSS5.9AI score0.0018EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/23 7:23 a.m.7 views

CVE-2024-24929

Cross-Site Request Forgery CSRF vulnerability in Ryan Duff, Peter Westwood WP Contact Form.This issue affects WP Contact Form: from n/a through 1.6...

8.8CVSS6.3AI score0.0023EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 6:40 a.m.3 views

CVE-2024-51887

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ryscript NV Slider nv-slider allows Stored XSS.This issue affects NV Slider: from n/a through = 1.6...

6.5CVSS7.2AI score0.00302EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 6:23 a.m.6 views

CVE-2024-54396

Cross-Site Request Forgery CSRF vulnerability in elmervillanueva Bet sport Free bet-sport-free allows Cross Site Request Forgery.This issue affects Bet sport Free: from n/a through = 1.0.0...

4.3CVSS7.2AI score0.00242EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/05/22 12:29 p.m.10 views

WordPress ReDi Restaurant Reservation plugin <= 24.1209 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Ryan Novotny in WordPress Plugin ReDi Restaurant Reservation versions = 24.1209...

7.1CVSS5.9AI score0.00191EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/05/02 1:50 p.m.10 views

WordPress Category Widget plugin <= 2.0.2 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by noven in WordPress Plugin Category Widget versions = 2.0.2...

7.1CVSS7.5AI score0.00228EPSS
Exploits0Affected Software1
Cvelist
Cvelist
added 2025/04/17 3:48 p.m.21 views

CVE-2025-23443 WordPress Author Showcase plugin <= 1.4.3 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Claire Ryan Author Showcase author-showcase allows Reflected XSS.This issue affects Author Showcase: from n/a through = 1.4.3...

7.1CVSS0.00237EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/04/17 12:0 a.m.5 views

PT-2025-17021 · Unknown · Claire Ryan Author Showcase

Name of the Vulnerable Software and Affected Versions: Claire Ryan Author Showcase versions 1.4.3 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Reflected XSS. This enables an attacker ...

7.1CVSS6.1AI score0.00237EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/02/05 3:59 a.m.6 views

CVE-2024-54403

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in oktoberfive Visual Recent Posts visual-recent-posts allows Reflected XSS.This issue affects Visual Recent Posts: from n/a through = 1.2.3...

7.1CVSS7.2AI score0.00387EPSS
Exploits0References1
NVD
NVD
added 2025/01/16 8:15 p.m.4 views

CVE-2025-23661

Cross-Site Request Forgery CSRF vulnerability in ryscript NV Slider nv-slider allows Stored XSS.This issue affects NV Slider: from n/a through = 1.6...

7.1CVSS0.00184EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/01/07 11:15 p.m.4 views

WordPress MAS Elementor plugin <= 1.1.7 - Authenticated (Author+) Stored Cross-Site Scripting via SVG vulnerability

Authenticated Author+ Stored Cross-Site Scripting via SVG vulnerability discovered by Ryan Zegar in WordPress Plugin MAS Elementor versions = 1.1.7...

6.4CVSS5.8AI score0.00272EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder